From: Andrew_Rotramel@cch-lis.com
Date: Wed Sep 11 2002 - 14:50:02 EDT
I will go ahead and summarize this now since I have an answer from Sun. The
first (and only) person on the list told me that with Solaris, I can't run
ypbind over a reserved port. I called Sun and they confirmed that ypbind
will run over a random high numbered port. Sun also said that while it is
not fixed in Solaris 9, enough folks have complained that it might be fixed
in Solaris 10.
Andrew
==========================================
Original Question:
Good morning everyone,
My security folks ran an ISS scan on my little 5-server network, and found
a few security problems. I have fixed them all except
for the fact that ypbind is running over a non-reserved port. I have spent
a week checking man pages, the Sunmanagers FAQ,
the Sunmanagers archives, google.com, my Solaris Security book, etc., but
can't figure out how to fix this one.
I have set the variable nfssrv:nfs_portmon=1 in /etc/system to run nfs
mountd over a secure port. Did that also take care of ypbind?
Can I do something similar for ypbind?
Thanks
Andrew
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:55 EDT