I will go ahead and summarize this now since I have an answer from Sun. The first (and only) person on the list told me that with Solaris, I can't run ypbind over a reserved port. I called Sun and they confirmed that ypbind will run over a random high numbered port. Sun also said that while it is not fixed in Solaris 9, enough folks have complained that it might be fixed in Solaris 10. Andrew ========================================== Original Question: Good morning everyone, My security folks ran an ISS scan on my little 5-server network, and found a few security problems. I have fixed them all except for the fact that ypbind is running over a non-reserved port. I have spent a week checking man pages, the Sunmanagers FAQ, the Sunmanagers archives, google.com, my Solaris Security book, etc., but can't figure out how to fix this one. I have set the variable nfssrv:nfs_portmon=1 in /etc/system to run nfs mountd over a secure port. Did that also take care of ypbind? Can I do something similar for ypbind? Thanks Andrew _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Wed Sep 11 14:55:17 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:54 EST