[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: strange log entry

On Wed, May 23, 2001 at 10:58:43PM -0700, Wade Richards wrote:
> Yep, it's a security problem.  Someone is trying to hack into your system 
> using one of many known security bugs in the rpc daemon.
> If you don't need the rpc stuff running, then just disable it (better yet, 
> uninstall it).  If you really do need it running, but it's only used 
> locally, then I suggest you use ipchains to drop any packets targeted to 
> port 111.   But best is to simply remove it entirely.

 That only blocks portmap.  Other UDP services can be found with a UDP port
scan by e.g. nmap.

#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BCE

Reply to: