Re: Port 111
On 2 Nov 2004, JM wrote:
[ Conventionally, replies go below existing material; that is, after
all, the normal reading order for English text. ]
>> Thanks Daniel for the explanations about posting a message properly.
>>
>> This is what it shows after rpcinfo:
>> rpcinfo -p
>> program vers proto port
>> 100000 2 tcp 111 portmapper
>> 100000 2 udp 111 portmapper
>> 391002 1 tcp 32768 sgi_fam
>> 391002 2 tcp 32768 sgi_fam
>>
>> For a minute before doing this, I thought that somehow port 111 was
>> exposed to the internet. Mostly because the firewall did not show this
>> port open previously. However, since it appears to be solely the portmap
>> server, it seems to be ok. I wonder why the firewall shows this port open
>> and before it did not. Anyways, it seems to be open only locally.
>
> I don't use NFS service and the only service I could see that portmap is
> necessary in my case is the NIS service.
Well, your rpcinfo above shows one other feature that uses traditional
RPC: the 'FAM' or 'File Alteration Monitor' package used by GNOME and,
possibly, others.
> I deinstalled portmap. Is there another critical service that could
> use the sunrpc? I just don't see the need of having port 111 open. But
> again, I am just a beginner.
Unless you care about using FAM, there isn't any need for it.
If this is a firewall machine, you probably don't have a great need for
the 'fam' package. ;)
Daniel
--
In the present-day reconstruction of physics, fragments of the Newtonian
concepts are stubbornly retained. The result is to reduce modern physics to a
sort of mystic chant over an unintelligible universe.
-- Alfred North Whitehead, _Modes of Thought_
Reply to: