Re: strange log entry
On Wed, May 23, 2001 at 10:58:43PM -0700, Wade Richards wrote:
> Yep, it's a security problem. Someone is trying to hack into your system
> using one of many known security bugs in the rpc daemon.
> If you don't need the rpc stuff running, then just disable it (better yet,
> uninstall it). If you really do need it running, but it's only used
> locally, then I suggest you use ipchains to drop any packets targeted to
> port 111. But best is to simply remove it entirely.
That only blocks portmap. Other UDP services can be found with a UDP port
scan by e.g. nmap.
#define X(x,y) x##y
Peter Cordes ; e-mail: X(email@example.com. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE