Operating System - HP-UX

Portmapper port 111 vulnerability

 
Joel Pavon
Advisor


Hi,

I tried to close port 111 in the /etc/services file because a vulnerability analysis reports it as vulnerable. However, I put the # character at the beginning of the line in /etc/services, but the vulnerability analysis continues reporting it as an open port or service.

How can I close this service or port?
2 REPLIES
Pupil_1
Trusted Contributor

Re: Portmapper port 111 vulnerability

Use netstat -an | grep 111 to check if the port is in use.

Use lsof -i | grep 111 to identify the PID of the process that's using the port, review / stop / kill the PID and comment the entry in /etc/services for denying it to be used in the future.

Cheers
There is always something new to learn everyday !!
TTr
Honored Contributor

Re: Portmapper port 111 vulnerability

Commenting out a port name in /etc/services does not disable any ports. The /etc/services file is a look-up table (just like /etc/hosts) that converts port numbers to service names.

The service that listens on port 111 is the rpcbind service. You can see it with "rpcinfo -p".

Now this service is needed by NFS and NIS and if you turn it off it will affect those services. If you don't use NFS or NIS then you can turn off rpcbind by turning off those services.

If you need NFS/NIS then you must have rpcbind running. You can limit what servers can connect to your rpc service by putting "allow" entries in the /var/adm/inetd.sec file for those servers/IP addresses that are allowed to connect to your server.

You don't always have to turn off everything that a vulnerability report shows as long as you justify the need and narrow down the connectivity field.
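Added example, not part of the thread: a small shell filter over "rpcinfo -p" output that lists which NFS/NIS programs are registered with rpcbind, which is the evidence needed to decide between turning rpcbind off and restricting it. The function names and the sample output are constructed for illustration; the program numbers are the standard ONC RPC assignments.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `rpcinfo -p` output on stdin and
# lists the RPC programs, other than rpcbind itself, that are registered.

# Constructed sample of `rpcinfo -p` output; ports and versions are made up.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    2   udp    111  rpcbind
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100005    3   tcp  49153  mountd
    100007    2   udp  49160  ypbind
EOF
}

# Prints "<program> <family> <name>" once per registered program.
rpc_dependents() {
    awk '
        BEGIN {
            # Standard ONC RPC program numbers for the NFS and NIS daemons.
            fam[100003] = "NFS"; fam[100005] = "NFS"   # nfs, mountd
            fam[100021] = "NFS"; fam[100024] = "NFS"   # nlockmgr, status
            fam[100004] = "NIS"; fam[100007] = "NIS"   # ypserv, ypbind
            fam[100009] = "NIS"                        # yppasswdd
        }
        $1 !~ /^[0-9]+$/ { next }    # header or blank line
        $1 == 100000     { next }    # rpcbind/portmapper itself
        !seen[$1]++ {
            family = ($1 in fam) ? fam[$1] : "OTHER"
            name   = (NF >= 5) ? $5 : "-"
            print $1, family, name
        }
    '
}

# Prints "in-use" if any program besides rpcbind is registered,
# otherwise "no-dependents".
rpcbind_verdict() {
    if [ -n "$(rpc_dependents)" ]; then echo "in-use"; else echo "no-dependents"; fi
}

# Demo on the constructed sample; on a real host: rpcinfo -p | rpc_dependents
sample_rpcinfo | rpc_dependents
```

A "no-dependents" verdict means only rpcbind itself is registered, so nothing on the host is currently relying on port 111.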