DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 9th June 2008
aleunix aleunix is offline
Real Name: Alessandro
Spam Deminer
 
Join Date: May 2008
Location: Italy
Posts: 224
Thanked 3 Times in 3 Posts
Default How secure are apps that using RPC portmapping?

How secure are apps that using RPC portmapping?
In general the golden rule for the security consists in activating fewer services possible and only when necessary.
Perhaps I will try an application (this is a file manager) that seems to apply to use this service, such dangers arise in safety?
Reply With Quote
  #2   (View Single Post)  
Old 9th June 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,830
Thanked 214 Times in 189 Posts
Default

Restrict usage of open ports by enabling OpenBSD's packet filter, PF.

Read the PF User's Guide and related man pages.
Reply With Quote
  #3   (View Single Post)  
Old 9th June 2008
aleunix aleunix is offline
Real Name: Alessandro
Spam Deminer
 
Join Date: May 2008
Location: Italy
Posts: 224
Thanked 3 Times in 3 Posts
Default

I like play on firewall, indeed I have already enabling OpenBSD's packet filter.

In essence, to reduce the problems a good solution might be to identify the ports used by the service and then set them for exclusive use at a local?
Reply With Quote
  #4   (View Single Post)  
Old 9th June 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,830
Thanked 214 Times in 189 Posts
Default

Correct. "$ netstat -an | grep LIST" will show you which TCP/UDP ports are open.
Reply With Quote
  #5   (View Single Post)  
Old 9th June 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

For more detailed information, excluding any outgoing/incoming UDP/TCP connections.
$ fstat | grep internet | grep -v -e '>' -e '<'
It could probably be done in a cleaner fashion, but at least with this, you can determine some additional information about the process that opened the port.

Last edited by BSDfan666; 9th June 2008 at 09:58 PM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sound in ALSA using linux apps TerryP FreeBSD General 1 29th May 2009 03:33 PM
Changing Workflow Apps ninjatux Off-Topic 1 1st January 2009 05:51 AM
optimizations in kernel and apps chill FreeBSD General 5 1st October 2008 05:49 AM
Blocking remote desktop apps bichumo General software and network 3 30th September 2008 08:14 PM
remove kde and kde dependent apps ccc FreeBSD Installation and Upgrading 2 12th May 2008 02:11 PM


All times are GMT. The time now is 09:35 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick