[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Rule-list] What is sunrpc?
From: |
Ed Blackman |
Subject: |
Re: [Rule-list] What is sunrpc? |
Date: |
Mon, 22 Jul 2002 16:59:34 -0400 |
User-agent: |
Mutt/1.2.5.1i |
On Mon, Jul 22, 2002 at 08:42:30PM +0200, Marco Fioretti wrote:
> 111/tcp open sunrpc
[...]
> Do you know what service this is, and if there is any reason to
> leave it open/running on a typical RULE box?
It's the RPC portmapper, necessary (as far as I know) for NFS and
possibly NIS/NIS+ (network yellow pages). It definitely shouldn't be
open to the Internet, and probably shouldn't be running (I don't know
of any other programs that require it, but that doesn't mean there
aren't any) if you're not running an NFS server or NIS/NIS+.
A Google search for "port 111 sunrpc" turned up a bunch of links
explaining what it does, and what the vulnerabilities are. The SANS
Institute puts buffer overflows in RPC services at the top of their
list of Unix vulnerabilities:
http://www.sans.org/top20.htm#_Toc526136830
Ed
pgpjuR436W0b7.pgp
Description: PGP signature