SUMMARY and FOLLOWUP: nscd and udp port 53539

From: Jesse Whyte (jwhyte@mail.state.tn.us)
Date: Mon Nov 09 1998 - 08:27:08 CST



The original question was:
"Does anyone know why NSCD in Solaris 2.5.1 opens a UDP port (53539)?
I don't understand why NSCD would need to communicate with anything in
the outside world. The fact that it does actually scares me a little,
what does any other machine need to know what my cache hit ratios or
the entries in my cache look like?"

My thanks go out to Mark Neill, Brion Leary, and Suzanne Taylor for
their responses which are included below. Ultimately, no one knew why
the Solaris distribution nscd (Naming Services Caching Daemon),
although Brion has what I think is probably the right answer...although
it brooks another question.

Is /usr/sbin/nscd caching DNS and NIS/NIS+ data? The man page for
nscd describes how nscd goes to lengths to avoid compromising NIS+
security by checking permissions on the appropriate local files.
There is no mention whatsoever in the man pages, or the Answerbook on
any caching of DNS. A truss on the running nscd shows that
it is stat()ing /etc/nsswitch.conf when it checks the file permissions
for /etc/passwd, /etc/group, and /etc/hosts. However, there is no
other useful purpose I can imagine for nscd binding to that port...

- From Mark Neill...
NSCD is the NetScape Calendar Daemon......it's netscape's scheduling
system, and it uses that port to communicate with clients trying to
access its calendars.

- From Suzanne Taylor...
I don't know why - but we have had many problems with the caching that
nscd does. On 2 different occasions, I had Sun Engineers tell me not
to run nscd. As part of our installs/jumpstarts, we now delete nscd.

- From Brion Leary...
NSCD, the Name Server Cache Daemon, caches DNS and NIS data. My guess,
it queries for its data using UDP. Is it listening on this port or
communicating on it?

Jesse Whyte
Security Analyst
Office of Information Resources
State of Tennessee
(615)741-8651
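
Brion Leary's closing question (listening or communicating?) matters because a UDP socket that only sends queries still holds a local port and is listed as open. The following is an added example, not part of the original post and not nscd's code: it shows what such a client-side port accepts when the socket is connected to its server versus left unconnected. The server, the "stranger" sender and the loopback addresses are constructed, and the example says nothing about what nscd itself does with port 53539.

```python
import socket

LOOPBACK = "127.0.0.1"  # everything stays on loopback so the example runs offline


def udp_socket():
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))          # port 0: the kernel picks an ephemeral port
    s.settimeout(0.5)
    return s


def exchange(connected):
    """Run one query/answer exchange and report what the client socket saw."""
    server = udp_socket()          # constructed stand-in for a name server
    stranger = udp_socket()        # constructed third party, not the server
    client = udp_socket()          # client-side socket a caching daemon might hold
    try:
        if connected:
            client.connect(server.getsockname())   # sends nothing, only fixes the peer
        client_port = client.getsockname()[1]      # the port netstat would list as open

        # Unsolicited datagram aimed at the client's port.
        stranger.sendto(b"unsolicited", (LOOPBACK, client_port))

        if connected:
            client.send(b"query")
        else:
            client.sendto(b"query", server.getsockname())
        _, source = server.recvfrom(512)           # server sees the client's port as source
        server.sendto(b"answer", source)

        received = []
        try:
            while True:
                received.append(client.recv(512))
        except socket.timeout:
            pass                                   # nothing more queued for the client
        return {"client_port": client_port,
                "query_source_port": source[1],
                "received": received}
    finally:
        for s in (server, stranger, client):
            s.close()


if __name__ == "__main__":
    print("connected:  ", exchange(True))
    print("unconnected:", exchange(False))
```

In both runs the port is visible as a bound UDP port; only the unconnected socket hands the unsolicited datagram to the application, which is the case worth checking with `truss` or a packet capture on a real host.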