System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

How to Block RPC Services ( Port 111 ) to avoid buffer overflow

SOLVED
Go to solution
Eric Unix
Frequent Advisor

How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Hello all :

How to Block RPC Services ( Port 111 ) to avoid buffer overflow .
Thanks for your kind input. :-)

BR
eric
Look forward
16 REPLIES
Dennis Handly
Acclaimed Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

It might be better to get a fix for this problem.
rick jones
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Avoid what _sort_ of buffer overflow?
there is no rest for the wicked yet the virtuous have no pillows
Eric Unix
Frequent Advisor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Hello Rick

Thanks your input.
I just know I need to " Block RPC Services ( Port 111 ) to avoid buffer overflow " .
But, i cannot understand your question, would you give more information about it .
thanks a lot.

Best Regards
Eric
Look forward
rick jones
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

You need to get the person telling you to do this to give a bit more explanation as to what sort of buffer overflow is taking place. Otherwise, there is little to no guarantee that disabling RPC will "solve" the problem and every chance it might break something.
there is no rest for the wicked yet the virtuous have no pillows
Laurent Menase
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

IPfilter
Armin Kunaschik
Esteemed Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

If your services don't need RPC then simply don't start it! That means you have to completely disable NFS, autofs, NIS etc via /etc/rc.config.d/nfsconf|namesrvs...
A running rpcbind was usually activated because any service depends on it!
See "rpcinfo -p localhost" for registered services".

If you use NFS (either client or server) or any other RPC sercvice, you can't disable portmapper (rpcbind).

My 2 cents,
Armin

PS: Assign points if you find answers useful!
And now for something completely different...
Laurent Menase
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Else what buffer overflow are you speaking about?
Avinash20
Honored Contributor
Solution

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

If you are using NFS, you cannot block 111 since it is a critical service which is needed

If you like to disable it, stop nfs.client and nfs.server

or

cat /etc/services| grep 111
portmap 111/tcp sunrpc # SUN Remote Procedure Call
portmap 111/udp sunrpc #


Comment the above two entries..

But we like to know why you like to block it.

## You could also block the port on the Firewall.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Eric Unix
Frequent Advisor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Hello All

Thanks for all of your kind input.
We recently have a security audit, so need to do this action. But, we seems still need this RPC service, so have any method to explain it to say the " RPC " service is safe ?

Thanks a lot.

BR
eric
Look forward
Laurent Menase
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

If you want stamped paper you'll need to contact hp support.

Else for already known security problems, all the communication is made through Security bulletins. - for instance there is once for ONC on 11.31, be sure to have ONC 11.31.06 installed-
T G Manikandan
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

What OS are you talking about?
Eric Unix
Frequent Advisor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Hello All

1.My OS is hp unix 11.11 and hp unix 11.23
2. Does there are any patch to fix it ?


BR
eric
Look forward
Laurent Menase
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

I am not aware of any known problem there on 11.11 and 11.23.
T G Manikandan
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

I think you are talking about

http://www.cert.org/advisories/CA-2002-26.html

Please check.
Laurent Menase
Honored Contributor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Shailendran V Naidu
Frequent Advisor

Re: How to Block RPC Services ( Port 111 ) to avoid buffer overflow

Hi Eric,
I think the reason you are trying to block RPC Port 111 is to avoid a Buffer overflow.
But this kind of Vulnerability is in Microsoft Windows and not in HP-UX.

See:
http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx

and

http://www.microsoft.com/technet/security/bulletin/MS03-039.mspx


Please verify with your Security auditor or Admin if they are providing the right advise for the Right Operating systems.

This after all may just be a confusion.