To close the circle: Google reveals some hints for setting up NFS with iptables. Here are some links that might give you a starting point:
http://lists.debian.org/debian-firewall/2005/12/msg00020.html (good thread) http://www.ba.infn.it/calcolo/documenti/NFSServer.html#Firewall (NFS w. IPTables HowTo) http://www.google.co.uk/search?q=iptables+nfs&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a (everything else) Feel free to alter the google query to get even more ideas :) Kind regards, stephan > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Along the lines which SRM has raised, it may be wiser to modify or > refine the IPTables and install either Open Source Tripwire (OST) or > Tripwire or another security tool for helping identify server > security vulnerabilities so that one can construct an ever stronger > or better protected server. > > Of course, the issue is really what is being done with the server. > If it is open to the net in any capacity shutting down the IPTables > is not a solution as you are inviting others to turn your server in > the equivalent of a spawning system for virii, spam and worse. > Shutting down the IPTables is even a worse option if that is the only > security system you know of and/or tool which you have. The harder > and more prudent approach is a combined strategy of multiple security > tools for your server. I've suggested one security system I know > about which works on YDL. There are probably others. > > Security, has become everyone's business to insure that one is not > propagating problems for others via the server or client one owns. > It's the new public hygiene like the unpleasant but necessary > consideration of any other hygiene issue. In the end, it is in one's > best interest to make the time to master the details. > > Perhaps a list of security systems like OST, and others, which work > on YDL can be tested and listed somewhere as a reference. > Best wishes... > > On Jan 4, 2008, at 5:49 AM, [EMAIL PROTECTED] wrote: > >> >> >>> On Thursday 03 January 2008 17:45, Stephen Thudium wrote: >>>> NFS now works!! >>>> >>>> I found my mistake: I needed to disable IPtables at the server. >>>> >>>> Thanks, everyone for your help. >>>> >>>> BTW, I would be willing to write a NFS HOWTO, if anyone can use >>>> that. >>> >>> Please consider submitting it to: >>> http://www.terrasoftsolutions.com/showcase/story-submit.shtml >>> >>> kai >>> _______________________________________________ >> >> That only tells you that you have to alter your IPtables setup. >> As long as you don't have an additional, sufficient firewall i >> think it is >> not a good idea to disable your firewall on the server, given this >> server >> is somehow connected to the outside world. >> >> Regards, >> stephan >> >> _______________________________________________ >> yellowdog-newbie mailing list >> [email protected] >> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-newbie > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (Darwin) > > iD8DBQFHfhjAFvoPHRAQim0RAmFpAKCfBLlWRUFDJyBB8tZRZxCUyWOoNACdEX3K > Y/QpGVkJLakDOstDvxJ0J5w= > =Ekco > -----END PGP SIGNATURE----- > _______________________________________________ > yellowdog-newbie mailing list > [email protected] > http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-newbie > _______________________________________________ yellowdog-newbie mailing list [email protected] http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-newbie
