Firewall Wizards mailing list archives

Re: Ports and privileges


From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Thu, 26 Feb 1998 11:14:36 -0500 (EST)

Correct me if I am wrong (hey, someone surely will :)
but isn't NFS (port 2049) UDP only?  So wouldn't TCP to port 2049 be a
non-issue?

With newer NFS, TCP is more an option.  In fact, Sun's observation on
this is:

"NFS never had a dependency on UDP, and the increasing number of TCP
implementations demonstrates that NFS can enjoy the benefits of
congestion avoidance and error recovery that TCP offers. Additionally,
NFS version 3 offers features that make NFS particularly suitable for
WANs, and especially the Internet."

<URL: http://www.sun.com/solaris/networking/pubnfs.html>

As for changing the port access on Solaris:
/usr/sbin/ndd /dev/tcp tcp_smallest_nonpriv_port <first nonpriv port>
/usr/sbin/ndd /dev/udp udp_smallest_nonpriv_port <first nonpriv port>

Good catch!  Except:
        /usr/sbin/ndd -set ...

My turn to be possibly wrong: this appears to be a Sun-ism, unique to
Solaris.  The Sun culture derives from the Berkeley culture: "Hey!
I've got a neat idea!  Let's put it in!"  ;->

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.


