setting up nfs
Derek D. Martin
ddm at mclinux.com
Thu Jul 26 11:41:17 EDT 2001
Joel Gwynn said:
> Thanks. I talked to my friend who's hosting my box, and he's very
> paranoid, so he blocked those ports. After he opens them up for me,
> I'll try again. Or as he says, "sure, expose yourself to the world,
> see if I care."
It's only paranoia if they're not out to get you. As the guy who
monitors the firewall logs for my site, I can tell you that we are
attacked via automated script which tries to compromise RPC services
(of which NFS is one) about once an hour. These scans are fully
automated and usually cover our entire IP address space. You can bet
they're doing the same to your IP address space.
Running NFS over the Internet is one of the surest ways to get your
machine compromised. If you insist on doing this, you're asking for
trouble.
--
Derek Martin
Senior System Administrator
Mission Critical Linux
martin at MissionCriticalLinux.com
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
More information about the Discuss
mailing list