NFS ports for firewall?
Lonnie Olson
fungus at aros.net
Thu Apr 28 16:47:11 MDT 2005
On Apr 28, 2005, at 4:30 PM, Charles Curley wrote:
> I recently added a wireless AP to my network. This means I now want
> firewalls on all my boxen. Which ports do I have to have open so I can
> export NFS?
>
> I found:
>
> sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP
> sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP
> nfs 2049/tcp nfsd
> nfs 2049/udp nfsd
>
> What else?
Those should be fine for normal use, but you can also look at other
open ports via `rpcinfo -p`.
Also be aware of security. NFS has only host/IP based security.
Meaning anyone driving by that can hop on your WAP, choose an IP
address and mount your exports. and may do nasty things.
--lonnie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2482 bytes
Desc: not available
Url : http://plug.org/pipermail/plug/attachments/20050428/d295bb9b/attachment.bin
More information about the PLUG
mailing list