Package: portmap
Version: 5-14
Severity: minor
This text is displayed for the configuration of the loopback-only
setting:
----------------------------------------------------------------------
Portmap by default listens to all IP addresses. However, if you are
not using RPC services that connect to remote servers (like NFS or
NIS) you can safely bind it to the loopback IP address 127.0.0.1.
This will allow RPC local services (like FAM) to work properly while
preventing remote systems from accessing your RPC services.
You can change this configuration also by editing the OPTIONS line in
the /etc/default/portmap file. If you just don't specify the -i option
it will bind to all interfaces.
Should portmap be bound to the loopback address?
<Yes> <No>
----------------------------------------------------------------------
The rationale for leaving the portmapper accessible from the outside is
wrong. I haven't really checked, but IIRC it is not necessary for an NFS
*client* as described. It is definitely for an NFS *server*.
It is also necessary if the server provides other RPC-based services to
the world outside it's interfaces.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (100, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-lpc.7.k7
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages portmap depends on:
ii debconf [debconf-2.0] 1.4.51 Debian configuration management sy
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
-- debconf information:
* portmap/loopback: false
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
