I do read the CERT advisories and know that RPC and NFS are not secure. Our PSN will be as secure as our PRO, just without NAT. Maybe "IP Pass Through" is not the proper GNATBox term. We have to eliminate NAT because the GNATBox cannot support H.323 protocol for apps like NetMeeting. And it doesn't matter which way you slice (NFS server on PRO or PSN), I have to open certain ports. Before I tried, I thought I might ask if anyone was doing the same and how it works.
Jason S. Antonacci Computer Support Specialist IV Univ. of Georgia - Savannah River Ecology Lab ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Office: 803.725.5894 Pager: 706.869.4043 Fax: 503.218.7129 Email: [EMAIL PROTECTED] >>> "David W. Morris" <[EMAIL PROTECTED]> 21 Jan 00 12:50:05 >>> It is not a good idea to export NFS from the PRO to any other network. If you feel compelled to use shared files, export from the PSN to the PRO. The reason for a PSN at all is to avoid the risk to your PRO if the PSN is compromised. Opening up a NFS server on the PRO to the PSN increases the risk of exploit. Dave Morris On Fri, 21 Jan 2000, Jason Antonacci wrote: > We are setting up a PSN with IP Pass Through in order to run Netmeeting. I want to >do an NFS mount of our HTTP Proxy Configuration files from the Linux server on the >PRO to simplify administering two machines. I cannot run just one because each >provides separate sets of services to their networks. > > I know I will have to have the SunRPC port 111. > > Jason S. Antonacci > Computer Support Specialist IV > Univ. of Georgia - Savannah River Ecology Lab > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Office: 803.725.5894 > Pager: 706.869.4043 > Fax: 503.218.7129 > Email: [EMAIL PROTECTED] > >
BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:Jason Antonacci TEL;WORK:725-5894 ORG:;Comp Svcs EMAIL;WORK;PREF;NGW:anton.SREL.SREL N:Antonacci;Jason TITLE:Co-op X-GWUSERID:anton END:VCARD
