[LUAU] Hackers found
bbraun at sparcy.synack.net
bbraun at sparcy.synack.net
Thu Jan 28 10:59:43 PST 1999
On Thursday, Jan 1999 at 8:19:0 "Keith Leong" wrote:
| --=_0A5D814E.9FFE92E5
| Content-Type: text/plain; charset=US-ASCII
| Content-Transfer-Encoding: quoted-printable
| Content-Disposition: inline
|
| Anyway, there should be no circumstances that off site users should be
| using NFS. This means you should deny all external IP's to any of the=20
| rpc services. =20
|
| How do we do this?
ipchains and deny all ip to portmapper (port 111) will get most people.
The real solution is to deny everything except what you want to allow
out. There are many other things that you shouldn't allow. For example
X connections. If you run xdm, people can try to login. login attempts
are not logged for xdm(although if anyone is interested, I've hacked
xdm to log this to syslog). So, you should deny the 6000 ports for that.
Rob
More information about the LUAU
mailing list