[Beowulf] Remote procedure call (error)
Leif Nixon
nixon at nsc.liu.se
Thu Jan 29 06:25:17 EST 2004
Alvin Oga <alvin at Mail.Linux-Consulting.com> writes:
> On Wed, 28 Jan 2004, Robert G. Brown wrote:
>
>> As a general rule, I'd consider the portmapper and rpc stuff to be a
>> moderate security risk; lilith lives inside firewalls only. I have had
>> direct experience of systems cracked in the past through portmapper
>> bugs, which perhaps makes me a bit paranoid.
>
> did you run the secure versions of each ??
> secure rpc
> secure portmap
> secure nfs
Well, "secure" in that context means "encrypted". That might protect
your traffic against snoopers, but you're still as exposed to security
holes due to portmapper bugs.
I've seen too many RPC related buffer overrun holes in the past to
expose any RPC services to the Internet at large, whether "secure" or
not.
--
Leif Nixon Systems expert
------------------------------------------------------------
National Supercomputer Centre Linkoping University
------------------------------------------------------------
_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
More information about the Beowulf
mailing list