Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.
Due to the current gap in continued funding from the U.S. National Science Foundation (NSF), the NSF Unidata Program Center has temporarily paused most operations. See NSF Unidata Pause in Most Operations for details.
Since most ldm users are putting port 388 tcp/udp in the /etc/services file, the firewalling software can just allow traffic to/from that port. However, for those of us not using port 388, we need to use smarter firewall software that can determine what type of packet it is, and route it accordingly. The one disadvantage to this approach being all rpc traffic is let through the firewall. On the other hand, by specifying a port in the /etc/services file, there is no reason to use the rpc protocol. Either way, it can be done. Brad Teale Universal Weather & Aviation, Inc. <mailto:bteale@xxxxxxxxxxxx> 713-944-1440 ext. 3623 -----Original Message----- Sent: Tuesday, May 15, 2001 1:40 PM Hi folks, I'm sure everyone is aware of the ever increasing number of worms and other security compromises that are happening on the 'net these days. The local security folks here want to put a blanket filter on our internet connection for inbound port 111. The idea is that by filtering port 111, they make it just a bit harder for the various miscreants to find vulnerable RPC services. I'm trying to understand what effects that will have on our LDM servers. I vaguely remember running ldm for a while without having the /etc/rpc file edited properly, but that was a long time ago. I'm thinking we'll be able to connect to other servers, but nobody will be able to connect to us. Longer term, has anyone considered what will happen with LDM as firewalls, proxy servers and other security measures become more prevalent? RPC isn't the most firewall friendly protocol ever invented. -JEff
ldm-users archives: