> Interesting ports on localhost (127.0.0.1): > Port State Protocol Service > 22 open tcp ssh > 111 open tcp sunrpc > > I K'd out S10portmap in the /etc/rc0.d/ directory, but port 111 is still > open. I can remove portmap from /etc/init.d/, but how big a concern is > this port? I've got hosts.deny set to repel anything not using ssh.
Well is a corcern since bugs can be possible.. and you need the portmap in order to run things like postgresql.. but it is wrapped as you very well point out.. so.. for me is not something really dangerous.. well it could be if someone really would wanted to break your security seriously for some reason.. > And is it all right to keep 22 open like that? Apologies for the > rushed questions, I just want a box secure enough to allow me to > continue to experiment without worry. I can look into better > solutions later, like ipchains/firewalls. If you need to access your machine from several sites and you previously dont know from where.. you have to have open ssh at minimum.. what other choices? Regards Roberto ------------------------------------------------------------------------ Roberto Diaz <[EMAIL PROTECTED]> http://vivaldi.dtts.net Powered by ddt dynamic DNS Powered by GNU running on a Linux kernel. Powered by Debian (The real wonder) Concerto Grosso Op. 3/8 A minor Antonio Vivaldi (so... do you need beautiful words?) ------------------------------------------------------------------------
