Subject: Security concerns with bootpd and tftp
To: None <email@example.com>
From: nm <firstname.lastname@example.org>
Date: 09/04/1998 14:05:26
I have always heard that bootpd and tftp are both accidents waiting
I have an XTerm that boots off of my NetBSD/Alpha system and I do not
want any remote exploits via bootpd or tftp so I set up some firewall
rules like so...
block in from any to any port < 1024
pass in from trusted_host to any
pass in from xterm_host to any
pass out from any to any
Now from my trusted_host I can ftp in, telnet in, etc and all is well,
but when the XTerm is booting it cannot seem to get an ip.
Any suggestions here?