Shorewall users - Oct 2002 - Redhat 8.0 - Portmapper

Hi Everyone,

Sorry to ask this question on this mailing list, but seeing as we have a
bunch of Linux guru''s I figured someone would know the answer.

I ran a nessus scan against my new redhat 8.0 firewall and it showed a
couple of possible vulnerabilities.

First it showed that I had a statd vulnerability and I did some research and
found out that this is used primaraly by NFS and you should remove the
nfs-util so I did a rpm --erase nfs-util and it looked like it removed that
package.

When I was reading about this vulnerability they also mentioned portmapper
in the articles and I was wondering do I need portmapper on a firewall
box???


Thanks for any advice on this matter
Mike

Martinez, Mike (MHS-ACS) wrote:
> Hi Everyone,
> 
> Sorry to ask this question on this mailing list, but seeing as we have a
> bunch of Linux guru''s I figured someone would know the answer.
> 
> I ran a nessus scan against my new redhat 8.0 firewall and it showed a
> couple of possible vulnerabilities.
> 
> First it showed that I had a statd vulnerability and I did some research
and
> found out that this is used primaraly by NFS and you should remove the
> nfs-util so I did a rpm --erase nfs-util and it looked like it removed that
> package.
> 
> When I was reading about this vulnerability they also mentioned portmapper
> in the articles and I was wondering do I need portmapper on a firewall
> box???
Port mapper is used by RPC servers -- you shouldn''t need it on a
firewall.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net