Thanks for your help,


I just turned sunprc off.  This is on my firewall
machine and I'm not using NIS or NFS.  If I don't
need it, I figured I might as well close it.

One more thing,

This is my home machine and since getting laid off
I don't have much need to ssh into it from the 
outside. I was wondering how I can get it to
only accept ssh connections on the internal
interface.

Joe  

--- "Jeremy C. Reed" <reed@reedmedia.net> wrote:
> > On Sat, 16 Feb 2002, joe bsd wrote:
> > > I ran nmap against my netbsd machine.  I saw
> that
> > > sunrpc service was open.  Is this a security
> risk?
> >
> > Maybe.
> 
> I want to expand on this. Just because some port is
> open doesn't mean it
> is a "security risk". If you are asking if this
> particular daemon has has
> an insecure protocol (like POP3) I don't know. If it
> the daemon itself has
> security problems then, of course, they should be
> fixed. (Most likely it
> doesn't have a security issue unless it is new or
> unknown.)
> 
> If you need a service but are worried about it, then
> use IPF and/or other
> firewalls to help limit to your own trusted users.
> 
>    Jeremy C. Reed
>    http://www.reedmedia.net/
> 


__________________________________________________
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com