config files obfuscation [was: Configuring NFS under Linux for Firewall control]
Paul W. Frields
paul at frields.com
Wed Dec 1 22:42:50 UTC 2004
On Wed, 2004-12-01 at 14:02 -0800, Florin Andrei wrote:
[...snip...]
> > # Default is to use portmap
> > # LOCKD_TCPPORT=
> > # LOCKD_UDPPORT=
> > # RQUOTAD_PORT=
> > # MOUNTD_PORT=
> > # -------------------
> >
> > I haven't BZ'd this since I wasn't sure if anyone agreed with my
> > suggestion, but will do so if I can get a second on the motion.
>
> I'm not sure about the details either, but overall this is what i was
> talking about.
> Perhaps don't leave the *PORT variables empty, but add sensible values?
Sensible values will be widely variant from one location to the next. A
"sensible value" is one that gets through *your* firewall. What's there
should be good enough for even the laziest admin, IMHO, and yes, I
resemble that remark too. :-)
--
Paul W. Frields, RHCE
More information about the devel
mailing list