TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:12807] bad day (more details)



On Mon, 24 Jan 2000, Dan Debertin wrote:

> The big problem is that NFS is host-based, and hostnames are easy to
> spoof. If you are allowing root equivalency as well, then you might as

You forgot the "if in asia" thing :)

Personally.  If using NFS I would make sure your also using yp with an
explicit hosts file so the ip's are solid and I would also setup the
interface/router so the "outside world" can't access the machine.
netgroup-based is the only way to setup nfs :)

-- 
Scott Dier <dieman@ringworld.org> #nicnac@efnet 612.301.0265
      destiny's admin       | Robots are most often found in server rooms, 
 http://www.ringworld.org   | wire closets, switching stations-basically,
       finger me at         | anywhere that offers maximum expousure to
dieman@destiny.ringworld.org| technology and minimum interaction with
     for gnupg/pgp key	    | human beings.
			    |  -NetSlaves(the book)/B.Lessard/S.Baldwin
			    |    (Robot is a NetSlave caste)