
Security

 Monday, March 04, 2002

I just read through the referrer statistics that Sitemeter has been collecting. My placement in a number of the search results was rather high. For example, this search on Notes, OpenBSD and firewall ranks my resume at #3. My resume probably won't help the person who asked Google for help, but I could. Does this mean I have a well-written resume?

Open ports 1352/tcp and 1352/udp to allow NotesRPC traffic through your firewall. If you've enabled other Domino services, then you may want to add the appropriate ports for those protocols as well. Bear in mind that you may not want to allow all Notes traffic into your network. Opening this hole should be considered within the context of your overall security architecture.

These rules for ipf(8) will allow NotesRPC into one interface of your OpenBSD box, and back out the same interface. Whether or not those packets are allowed out the internal interface would depend on the rules on the internal interface. To answer the question exactly requires knowledge of the network to be protected.

pass in on le0 proto tcp from any to myIPAddress port = 1352 keep state
pass in on le0 proto udp from any to myIPAddress port = 1352 keep state
pass out on le0 proto tcp from myIPAddress port = 1352 to any keep state
pass out on le0 proto udp from myIPAddress port = 1352 to any keep state

While on the one hand it's just a matter of reading the manual, on the other it requires knowing your environment well enough to understand the consequences of your action. You may find this article at O'Reilly helpful.
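For the case where you do not want all Notes traffic coming in, here is a narrower variant of the rules above. It is an added example, not part of the original post, and the addresses are constructed: 198.51.100.10 stands in for myIPAddress and 192.0.2.0/24 for the single network allowed to reach the server.

```conf
# Added example (not the author's ruleset). Constructed values:
#   198.51.100.10  stands in for myIPAddress (the Domino server)
#   192.0.2.0/24   stands in for the one network allowed to reach it
# ipf applies the LAST matching rule unless a rule is marked "quick",
# so the general block comes first and the specific pass rules follow.

# Log and drop NotesRPC from everyone by default.
block in log on le0 proto tcp from any to 198.51.100.10/32 port = 1352
block in log on le0 proto udp from any to 198.51.100.10/32 port = 1352

# Let the known peer network override the block. "flags S" means only an
# opening SYN can create a state entry; "keep state" then lets the replies
# for that session back out le0 without a separate "pass out" rule.
pass in on le0 proto tcp from 192.0.2.0/24 to 198.51.100.10/32 port = 1352 flags S keep state
pass in on le0 proto udp from 192.0.2.0/24 to 198.51.100.10/32 port = 1352 keep state
```

The logged blocks give you a record of who else is probing port 1352, which helps when deciding whether the allowed source range needs to grow.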

5:34:00 PM
categories: Security, System Administration