- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- RPC Security
Operating System - Linux
1823985
Members
4099
Online
109667
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-04-2008 05:03 AM
тАО04-04-2008 05:03 AM
RPC Security
Hello all
After an intrusion detection session, the security team suggested som operation to perfomr on the RH AS4U4 box.
one of this is to disable the RPC service (ports 755/UDP and 758/TCP) if not used or allow access only to trusted host/networks.
I cannot disable RPC service, but how to restrict access to a list of IPs and NETWORKs?
Same issue for RPC lockmanager (1026/UDP).
Thanks in advance
RV
After an intrusion detection session, the security team suggested som operation to perfomr on the RH AS4U4 box.
one of this is to disable the RPC service (ports 755/UDP and 758/TCP) if not used or allow access only to trusted host/networks.
I cannot disable RPC service, but how to restrict access to a list of IPs and NETWORKs?
Same issue for RPC lockmanager (1026/UDP).
Thanks in advance
RV
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-04-2008 06:22 AM
тАО04-04-2008 06:22 AM
Re: RPC Security
Using an iptables firewall would be your best option.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-05-2008 04:37 AM
тАО04-05-2008 04:37 AM
Re: RPC Security
I agree with Ivan on iptables, but there might be another option: many Linux distributions compile their RPC services with built-in libwrap support.
Any libwrap-enabled services can be restricted using /etc/hosts.allow and /etc/hosts.deny, just like when using TCP wrappers on inetd services. Read the man page of your RPC service processes and/or the associated documentation in /usr/share/doc directory to find out if this is available.
To get multiple layers of defense, you could of course use both iptables and libwrap features together.
MK
Any libwrap-enabled services can be restricted using /etc/hosts.allow and /etc/hosts.deny, just like when using TCP wrappers on inetd services. Read the man page of your RPC service processes and/or the associated documentation in /usr/share/doc directory to find out if this is available.
To get multiple layers of defense, you could of course use both iptables and libwrap features together.
MK
MK
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Learn About
News and Events
Support
© Copyright 2025 Hewlett Packard Enterprise Development LP