I wrote:
>While commenting out the portmap references in >/etc/init.d/netbase (Slink)to close the SunRPC port, >I noticed that the spoofprotect() rules to "deny incoming >packets pretending to be from our own system" were >commented out. > >1) why is this? [...] Marcus <[EMAIL PROTECTED]> replied, "They are commented out because they aren't needed. If you got a recent kernel, spoof-preventing is done in it. Thus ipchains and ipfwadm are commented out." >2) do any services other than RPC [services] need portmap? Seth Vidal <[EMAIL PROTECTED]> and Michael Wood <[EMAIL PROTECTED]> pretty much confirmed what I've learned: when I kill portmap, and nothing breaks, then I did OK. :-) Thanks to all for the replies! Tod abl.com
