Gnome2 hangs on startup
Randy Bush
randy at psg.com
Sat Oct 9 22:00:57 PDT 2004
> If you firewall off TCP and UDP 111, and only allow local hosts to
> connect (maybe _just_ localhost) you should never have a problem with
> it.
well, as a security friend sez
One more thing: if you're running rpcbind, you're presumably
running some other service that talks to it. You need to block
its port(s), too.
so, what else needs blocking?
and, btw, you can't just block 111 from non-127/8. you could get
an attack toward your 127/8. you need to block 127/8 after
allowing lo0.
and that's why i hate this stuff.
randy
More information about the freebsd-gnome
mailing list