Re: Security issues and LDM

Jeff,

There are others on this dist list that can probably answer this question
better than I, but I will let you know what I know....
LDM uses port 388. We have our firewall setup to allow traffic across the
TCP/UDP on port 388 to a few specific IP's
we send/receive data from. Our security folks have been comfortable with
this arrangement, and thats saying a lot
since our servers are on the same internal network along with our 7 nuclear
reactors :-)  They have run a number of
test to try and hack through into our system and have not had a problem
with LDM.

Also, I have played around with my Linksys router at home and by forwarding
just port 388, allows LDM to communicate
fine. So I don't believe that not having port 111 open will cause LDM
problems.

Mike Dross
Meteorologist
Duke Energy


                                                                                
                                             
                    Jeff Wolfe                                                  
                                             
                    <wolfe@xxxxxxxxxxx>           To:     
ldm-users@xxxxxxxxxxxxxxxx                                         
                    Sent by:                      cc:                           
                                             
                    owner-ldm-users@unidat        bcc:                          
                                             
                    a.ucar.edu                    Subject:     Security issues 
and LDM                                       
                                                                                
                                             
                                                                                
                                             
                    05/15/01 02:40 PM                                           
                                             
                                                                                
                                             
                                                                                
                                             





Hi folks,

I'm sure everyone is aware of the ever increasing number of worms and other

security compromises that are happening on the 'net these days. The local
security folks here want to put a blanket filter on our internet
connection for inbound port 111. The idea is that by filtering port 111,
they
make it just a bit harder for the various miscreants to find vulnerable RPC

services.

I'm trying to understand what effects that will have on our LDM servers. I
vaguely remember running ldm for a while without having the /etc/rpc file
edited properly, but that was a long time ago. I'm thinking we'll be able
to
connect to other servers, but nobody will be able to connect to us.

Longer term, has anyone considered what will happen with LDM as firewalls,
proxy servers and other security measures become more prevalent? RPC isn't
the
most firewall friendly protocol ever invented.


-JEff