[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security issues and LDM (fwd)

This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.

Subject: Re: Security issues and LDM (fwd)
Date: Tue, 15 May 2001 14:52:30 -0600 (MDT)

===============================================================================
Robb Kambic                                Unidata Program Center
Software Engineer III                      Univ. Corp for Atmospheric Research
address@hidden             WWW: http://www.unidata.ucar.edu/
===============================================================================

---------- Forwarded message ----------
Date: Tue, 15 May 2001 15:22:17 -0400
From: Michael W Dross <address@hidden>
To: Jeff Wolfe <address@hidden>
Subject: Re: Security issues and LDM

Jeff,

There are others on this dist list that can probably answer this question
better than I, but I will let you know what I know....
LDM uses port 388. We have our firewall setup to allow traffic across the
TCP/UDP on port 388 to a few specific IP's
we send/receive data from. Our security folks have been comfortable with
this arrangement, and thats saying a lot
since our servers are on the same internal network along with our 7 nuclear
reactors :-)  They have run a number of
test to try and hack through into our system and have not had a problem
with LDM.

Also, I have played around with my Linksys router at home and by forwarding
just port 388, allows LDM to communicate
fine. So I don't believe that not having port 111 open will cause LDM
problems.

Mike Dross
Meteorologist
Duke Energy

                    Jeff Wolfe                                                  

                    <address@hidden>           To:     address@hidden           

                    Sent by:                      cc:                           

                    owner-ldm-users@unidat        bcc:                          

                    a.ucar.edu                    Subject:     Security issues 
and LDM                                       

                    05/15/01 02:40 PM                                           

Hi folks,

I'm sure everyone is aware of the ever increasing number of worms and other

security compromises that are happening on the 'net these days. The local
security folks here want to put a blanket filter on our internet
connection for inbound port 111. The idea is that by filtering port 111,
they
make it just a bit harder for the various miscreants to find vulnerable RPC

services.

I'm trying to understand what effects that will have on our LDM servers. I
vaguely remember running ldm for a while without having the /etc/rpc file
edited properly, but that was a long time ago. I'm thinking we'll be able
to
connect to other servers, but nobody will be able to connect to us.

Longer term, has anyone considered what will happen with LDM as firewalls,
proxy servers and other security measures become more prevalent? RPC isn't
the
most firewall friendly protocol ever invented.

-JEff

Prev by Date: RE: NNEXRAD feed
Next by Date: RE: Security issues and LDM (fwd)
Previous by thread: RE: NNEXRAD feed
Next by thread: RE: Security issues and LDM (fwd)
Index(es):
- Date
- Thread