[ale] Mandrake upgrade via nfs

Bob Toxen bob at verysecurelinux.com
Thu Nov 11 14:27:27 EST 2004 

NFS has SERIOUS security problems.  At the very least add an IP Chains/Tables
rule to only accept NFS packets from the IP that is your NFS server.

A better solution might to download the new version's image to a local
system set up as your NFS server.  Break your connection to the Internet
and then do the upgrade, test/debug.

I agree that NFS installs/upgrades work great.  I used to do this a lot
with Slackware for old laptops that didn't have CDs to avoid a dozen floppy
xfers.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

On Thu, Nov 11, 2004 at 01:12:52PM -0500, Robert Karaffa wrote:
> hi folks,
> 	my mandrake 9.2 box acts as my internet gateway/firewall/dns.  i 
> recently upgraded it from mandrake 8.2 (actually i reinstalled the OS 
> rather than upgrade...and am happy that i did).  i did the reinstall 
> via nfs because it was faster than trying to feed CDs to the machine, 
> and it only boots from a floppy anyway.  worked like a charm.
> 
> the question:  since this box is my internet gateway/firewall/dns, i am 
> wondering if it is possible to upgrade it to mandrake 10.1 via nfs....?
> 
> the reason i ask is this:  when i did the aforementioned upgrade, i 
> used an old Macintosh as a internet gateway/firewall/dns replacement 
> until i could get the mandrake box back on-line.  now that it is, i'm 
> not sure i understand how to do an upgrade via nfs when the box i wish 
> to upgrade is the dns for my home LAN...
> 
> zat make sense?
> 
> -Bob K.
> 
> -- 
> **************************
> Robert E. Karaffa, II
> Technical Director
> Emory University School of Medicine
> Flow Cytometry Core Facility
> 1364 Clifton Rd. N.E.
> Box 82
> Atlanta, Ga 30322
> voice: 404/712-4429
> fax:  404/727-8993
> e-mail: rkaraff at emory.edu
> web:  http://www.corelabs.emory.edu/home.cfm#flo
> **************************
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list