NFS problem AGAIN -- it still does not work

Derick Centeno aguilarojo at verizon.net
Fri Jan 4 04:30:07 MST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Along the lines which SRM has raised, it may be wiser to modify or  
refine the IPTables and install either Open Source Tripwire (OST) or  
Tripwire or another security tool for helping identify server  
security vulnerabilities so that one can construct an ever stronger  
or better protected server.

Of course, the issue is really what is being done with the server.   
If it is open to the net in any capacity shutting down the IPTables  
is not a solution as you are inviting others to turn your server in  
the equivalent of a spawning system for virii, spam and worse.   
Shutting down the IPTables is even a worse option if that is the only  
security system you know of and/or tool which you have.  The harder  
and more prudent approach is a combined strategy of multiple security  
tools for your server.  I've suggested one security system I know  
about which works on YDL.  There are probably others.

Security, has become everyone's business to insure that one is not  
propagating problems for others via the server or client one owns.   
It's the new public hygiene like the unpleasant but necessary  
consideration of any other hygiene issue.  In the end, it is in one's  
best interest to make the time to master the details.

Perhaps a list of security systems like OST, and others, which work  
on YDL can be tested and listed somewhere as a reference.
Best wishes...

On Jan 4, 2008, at 5:49 AM, srm at schokokeks.org wrote:

>
>
>> On Thursday 03 January 2008 17:45, Stephen Thudium wrote:
>>> NFS now works!!
>>>
>>> I found my mistake:  I needed to disable IPtables at the server.
>>>
>>> Thanks, everyone for your help.
>>>
>>> BTW, I would be willing to write a NFS HOWTO, if anyone can use  
>>> that.
>>
>> Please consider submitting it to:
>> http://www.terrasoftsolutions.com/showcase/story-submit.shtml
>>
>> kai
>> _______________________________________________
>
> That only tells you that you have to alter your IPtables setup.
> As long as you don't have an additional, sufficient firewall i  
> think it is
> not a good idea to disable your firewall on the server, given this  
> server
> is somehow connected to the outside world.
>
> Regards,
> stephan
>
> _______________________________________________
> yellowdog-newbie mailing list
> yellowdog-newbie at lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-newbie

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFHfhjAFvoPHRAQim0RAmFpAKCfBLlWRUFDJyBB8tZRZxCUyWOoNACdEX3K
Y/QpGVkJLakDOstDvxJ0J5w=
=Ekco
-----END PGP SIGNATURE-----

More information about the yellowdog-newbie mailing list