05-20-2003 05:24 AM
rpc.mountd
Hi Admins,
In the ISS scan I have gotten a vulnerability: rpc.mountd operating on a
non-reserved port. I have searched the ITRC;
there was a solution of applying a patch (PHNE_22125 | 28102 | 28567). I
have applied the patch 28567, but when I look it up
via the rpcinfo command it is already at the non-reserved ports.
rpcinfo -p | grep mountd
100005 1 udp 49220 mountd
100005 3 udp 49220 mountd
100005 1 tcp 49162 mountd
100005 3 tcp 49162 mountd
In the man pages, it says that if you don't give the -p option to mountd
it will operate on a reserved port, but it is not true.
With -p it is again on a non-reserved port.
Any ideas?
05-20-2003 07:21 AM
Re: rpc.mountd
This vulnerability can be closed by only starting rpc.mountd
from /etc/inetd.conf and using /usr/adm/inetd.sec to control
which clients may have access to the rpc.mountd program.
Uncomment (or add) the rpc.mountd line in /etc/inetd.conf:
rpc dgram udp wait root /usr/etc/rpc.mountd 100005 1 rpc.mountd -e
The "-e" option causes rpc.mountd to exit after serving each
RPC request, allowing inetd.sec to validate the authority of
each RPC request.
Be sure to start inetd with logging turned on (inetd -l) by
modifying the /etc/netlinkrc line for inetd from:
[ -x /etc/inetd ] && /etc/inetd && /bin/echo "inetd \c"
to be:
[ -x /etc/inetd ] && /etc/inetd -l && /bin/echo "inetd \c"
rpc.mountd handles each RPC request properly using inetd, as
NFS is a stateless protocol that relies on RPC and UDP packets
to deal with mount requests. However, showmount (1M) cannot
be used when rpc.mountd is started from inetd since showmount
uses TCP to get information from rpc.mountd and inetd only
registers the udp port.
legionx
05-20-2003 07:23 AM
Re: rpc.mountd
see:
CONFIGURATION
HP-UX 11.X systems running the rpc.mountd protocol
RESOLUTION
Why does rpc.mountd on HP-UX 11.00 not use reserved ports by default?
Sun changed this functionality of mountd a few releases back. Since the
release of the 11.0 ONC/NFS patch PHNE_19620 in November 1999, HP-UX conforms
to the SUN standard by operating on a non-reserved port for TCP and UDP. If
you have a later version of the 11.0 ONC/NFS patch, or are running a later
version of HP-UX, rpc.mountd is not using reserved ports.
Why does the man page state the -p option changes the behavior of the
mountd protocol?
There is an Enhancement Request # 8606158805 for the man page to be updated
by the HP NFS Lab. This update is scheduled to be included in the 11.23
Release of HP-UX.
If rpc.mountd is started with or without the -p option the behavior is the
same, which is to operate on non-reserved ports. The -p option has no effect
on what ports the source of the mount request originates from. The man page
was never updated to reflect this change.
Why does Security Scan Software recognize this as a problem when run on
HP-UX servers?
Some versions of rpc.mountd will only accept NFS requests from a reserved, or
privileged port. On UNIX clients, a privileged port is any port
numbered lower than 1024 that can be used as a source port only by system
processes with superuser credentials. On PC clients there is no concept of
privileged ports. HP-UX's current version of NFS does not use the privileged
port concept for its mount protocol. Instead, it relies on the AUTH_SYS,
AUTH_NULL procedures along with the trusted host model of authentication.
What Authentication type does HP-UX rpc.mountd protocol use?
HP-UX's rpc.mountd protocol uses the AUTH_SYS and AUTH_NULL procedures to
verify the UID and GID of the requestor. With AUTH_SYS, we make sure that the
UID of the requestor is root. If it is not, then the mount operation will fail
and return an access violation.
See Addison Wesley Professional Computing Series Book "NFS ILLUSTRATED"
by Brent Callaghan, ISBN 0-201-32570-5, for more information regarding
Authentication and the mount protocol.
legionx
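The scanner's observation, and the showmount caveat from the first reply, can both be read off rpcinfo output. The script below is an added example, not part of the thread; the function name mountd_report and the second sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): summarise how mountd, RPC program
# 100005, is registered, reading `rpcinfo -p` output on stdin.
mountd_report() {
    awk '
        # Data rows: program, version, proto, port, service name.
        $1 == "100005" && $4 ~ /^[0-9]+$/ {
            key = $3 " " $4
            if (!(key in seen)) { seen[key] = 1; order[++n] = key }
            vers[key] = vers[key] (vers[key] == "" ? "" : ",") $2
            if ($3 == "tcp") have_tcp = 1
        }
        END {
            if (n == 0) { print "mountd: not registered"; exit }
            for (i = 1; i <= n; i++) {
                split(order[i], f, " ")
                # Ports below 1024 are the reserved (privileged) range.
                kind = (f[2] + 0 < 1024) ? "reserved" : "non-reserved"
                printf "mountd %s port %s (%s) versions %s\n", f[1], f[2], kind, vers[order[i]]
            }
            # showmount talks to mountd over TCP, so a UDP-only registration
            # (the inetd setup from the first reply) leaves it unusable.
            print (have_tcp ? "showmount: tcp registered" : "showmount: no tcp registration")
        }
    '
}

# rpcinfo lines quoted in the original post (stand-alone rpc.mountd).
SAMPLE_STANDALONE='100005 1 udp 49220 mountd
100005 3 udp 49220 mountd
100005 1 tcp 49162 mountd
100005 3 tcp 49162 mountd'

# Constructed sample: UDP-only registration, as when inetd starts mountd.
SAMPLE_INETD='100005 1 udp 49301 mountd'

printf '%s\n' "$SAMPLE_STANDALONE" | mountd_report
printf '%s\n' "$SAMPLE_INETD" | mountd_report
```

On a live host the same function can be fed directly: `rpcinfo -p | mountd_report`.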