Bugtraq mailing list archives
Re: HP automountd security bulletin
From: cybrthng () EANUT ORG (Byron Miller)
Date: Wed, 27 Oct 1999 15:17:14 -0400
I believe automounter is required, as with NFS when using PFS mounts. Which if you run Oracle, and ever have to install anything you will need it enabled, as does anything with the rockridge cdrom format. Other then that.. you can disable it.. enable it when you need to mount, and then disable again. i tell you, i could kill Oracle sometimes because of that damn pfs_mount, nothing but problems.. "nfs lock while blah blah blah"... the oracle consultant here looked up internal notes and found hundreds of these problems across platforms (solaris, aix, hp). -byron ----- Original Message ----- From: <Valdis.Kletnieks () VT EDU> To: <BUGTRAQ () SECURITYFOCUS COM> Sent: Wednesday, October 27, 1999 9:54 AM Subject: Re: HP automountd security bulletin
On Tue, 26 Oct 1999 00:03:40 EDT, Bennett Todd <bet () MORDOR NET> said:of a worry. So use ipchains on Linux or ipfilter on most anything, and
set up
the host to block all but select, chosen protocols at its interfaces.This, of course, assumes that you don't ever intend to run NFS. And if the machine was *running* the automounter, there's only 2 explanations: 1) It was started by default and the machine was never tightened down. 2) There is actually a desire to use NFS. Unless you have an ipchains or ipfilter that's smart enough to reject based on the RPC procedure number, you're stuck. Valdis Kletnieks Operating Systems Analyst Virginia Tech
Current thread:
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Rami Dass (Oct 21)
- HP automountd security bulletin dsiebert () ENGINEERING UIOWA EDU (Oct 22)
- Re: HP automountd security bulletin Bennett Todd (Oct 25)
- Re: HP automountd security bulletin Valdis.Kletnieks () VT EDU (Oct 27)
- Re: HP automountd security bulletin Byron Miller (Oct 27)
- Re: HP automountd security bulletin Bennett Todd (Oct 25)
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Gregory A Lundberg (Oct 22)
- Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD Charles M. Richmond (Oct 26)
- [slackware-security] CA-99-13: wu-ftpd upgrade available (fwd) Rafael Rodrigues Obelheiro (Oct 23)
- RFP9905: Zeus webserver remote root compromise .rain.forest.puppy. (Oct 25)
- HP automountd security bulletin dsiebert () ENGINEERING UIOWA EDU (Oct 22)