em0 hijacking traffic to port 623
ianf at clue.co.za
Tue May 22 09:14:11 UTC 2007
> Ian FREISLICH <ianf at clue.co.za> writes:
> > No, it's a March 6 current. How safe is it to just update the
> > sys/dev/em directory and recompile? Quite a lot has changed in
> > CURRENT since then and I don't want to update everything on these
> > servers just yet.
> Quick workaround: configure inetd to listen to port 623 so rpcbind
> won't assign these ports to the NFS server. Something like this:
> asf-rmcp dgram udp nowait root /bin/false false
> asf-rmcp stream tcp nowait root /bin/false false
This won't help me.
These hosts are routers for several large datacenters. They're
blackholing all traffic with a destination port of 623 and probably
664 in hardware. I wouldn't mind so much if it just did it for
it's own IP.
More information about the freebsd-current