As far as I understood rpcbind is used for listing active services, and telling the requesting client where to send the RPC request. If a host listens on port 111, one can use rpcinfo to get program numbers and ports and services running; For example look at below:
root@bt:~# rpcinfo -p x.x.x.x
program vers proto port
100001 2 udp 111 portmapper
100000 3 udp 111 portmapper
100005 3 udp 1048 mountd
100022 1 tcp 1047 nlockmgr
100021 4 udp 1047 nlockmgr
100026 1 tcp 1039 status
100029 1 udp 1039 status
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
What is the security risk of it?
Where we usually need to open port 111 and when can we close it without any other services fail?
Aucun commentaire:
Enregistrer un commentaire