Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: HP automountd security bulletin

From: cybrthng () EANUT ORG (Byron Miller)
Date: Wed, 27 Oct 1999 15:17:14 -0400

I believe automounter is required, as with NFS when using PFS mounts.

Which if you run Oracle, and ever have to install anything you will need it
enabled, as does anything with the rockridge cdrom format.

Other then that.. you can disable it.. enable it when you need to mount, and
then disable again.

i tell you, i could kill Oracle sometimes because of that damn pfs_mount,
nothing but problems.. "nfs lock while blah blah blah"... the oracle
consultant here looked up internal notes and found hundreds of these
problems across platforms (solaris, aix, hp).

-byron

----- Original Message -----
From: <Valdis.Kletnieks () VT EDU>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Wednesday, October 27, 1999 9:54 AM
Subject: Re: HP automountd security bulletin


On Tue, 26 Oct 1999 00:03:40 EDT, Bennett Todd <bet () MORDOR NET>  said:

of a worry. So use ipchains on Linux or ipfilter on most anything, and

set up

the host to block all but select, chosen protocols at its interfaces.


This, of course, assumes that you don't ever intend to run NFS.

And if the machine was *running* the automounter, there's only 2
explanations:

1) It was started by default and the machine was never tightened down.
2) There is actually a desire to use NFS.

Unless you have an ipchains or ipfilter that's smart enough to
reject based on the RPC procedure number, you're stuck.

Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
Previous By Date Next
Previous By Thread Next

Current thread: