NFS ports for firewall?

Lonnie Olson fungus at aros.net
Thu Apr 28 16:47:11 MDT 2005


On Apr 28, 2005, at 4:30 PM, Charles Curley wrote:
> I recently added a wireless AP to my network. This means I now want
> firewalls on all my boxen. Which ports do I have to have open so I can
> export NFS?
>
> I found:
>
> sunrpc		111/tcp		portmapper	# RPC 4.0 portmapper TCP
> sunrpc		111/udp		portmapper	# RPC 4.0 portmapper UDP
> nfs		2049/tcp	nfsd
> nfs		2049/udp	nfsd
>
> What else?

Those should be fine for normal use, but you can also look at other 
open ports via `rpcinfo -p`.

Also be aware of security.  NFS has only host/IP based security.  
Meaning anyone driving by that can hop on your WAP, choose an IP 
address and mount your exports.  and may do nasty things.

--lonnie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2482 bytes
Desc: not available
Url : http://plug.org/pipermail/plug/attachments/20050428/d295bb9b/attachment.bin 


More information about the PLUG mailing list