+--- In a previous state of mind, Brian Atkins brian@posthuman.com wrote: | | is it going to wig out and die ? I mean people seem to find | bugs in the networking code of NT every month- how stable | is the filer's OS? Barring any misconfiguration or inherent | bugs in the protocols (nfs), is it gonna be rock solid? Or | are we gonna have to pamper it behind a firewall or something?
No. Since the filer only runs a finite set of services (telnet, rsh, nfs, cifs, http, I think I may have missed something), a port scan will only hit those you have enabled.
This is not an NT server. The filers are pretty well tested. I would not put the filer on an insecure network, but this is all part of the architecture you have.
I would definitely take all the steps toward making the filer safe (ie: use private IPs, no routing, no dns, restrict exports to specific hosts, no hosts.equiv, etc).
Perhaps others have beaten on their filers more than I have in this regard.
Alex