[ale] sun rpc services

Fletch fletch at phydeaux.org
Thu Dec 14 16:08:37 EST 2000


>>>>> "Martin" == Martin Nichols <mnichol at webentrada.com> writes:

    Martin> Good Afternoon, I am running a red Hat 6.2 box and would
    Martin> like to disable the services running on port 111. Any
    Martin> suggestions?  Thank You,

        Only one service (the portmapper) runs on 111.  The different
services run on other ports, and the portmapper simply provides a way
to map a particular program to a transport level port.  And killing
or not starting the portmapper doesn't give you real protection since
a determined person could try sending RPC calls to the usual ports
that the services start up on.

        If you don't need them, then don't start them (in redhatish
setups just run ntsysv and uncheck portmap and nfs and that should get 
most of them).  If you do really need to run the services on something 
that can be seen from the outside world, set up a firewall that denies 
all traffic by default and then open up the ports in question on the
internal device only as needed (rpcinfo -p localhost will show what
ports services are running on).


-- 
Fletch                | "If you find my answers frightening,       __`'/|
fletch at phydeaux.org   |  Vincent, you should cease askin'          \ o.O'
770 933-0600 x211(w)  |  scary questions." -- Jules                =(___)=
                      |                                               U
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list