From owner-freebsd-questions  Mon Dec 14 00:21:57 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA22487
          for freebsd-questions-outgoing; Mon, 14 Dec 1998 00:21:57 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA22482
          for <questions@FreeBSD.ORG>; Mon, 14 Dec 1998 00:21:54 -0800 (PST)
          (envelope-from kpielorz@tdx.co.uk)
Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242])
	by caladan.tdx.co.uk (8.9.1a/8.9.1) with ESMTP id IAA03903;
	Mon, 14 Dec 1998 08:21:44 GMT
Message-ID: <3674CA98.5F1C070D@tdx.co.uk>
Date: Mon, 14 Dec 1998 08:21:44 +0000
From: Karl Pielorz <kpielorz@tdx.co.uk>
Organization: TDX - The Digital eXchange
X-Mailer: Mozilla 4.5 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: Geoffrey Robinson <geoffr@globalserve.net>
CC: questions@FreeBSD.ORG
Subject: Re: Port 111
References: <3674C77B.E7504EB5@globalserve.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG



Geoffrey Robinson wrote:
> 
> Recently I installed FreeBSD 2.2.7 for the first time (prior to that I was
> using 2.2.5) and discovered an open port I've never seen before:
> 
> tcp    0   0  *.111       *.*         LISTEN
> 
> I didn't notice this right away and though somebody had hack me and left a
> back door open on port 111 at the time. Soon after that I found port 111
> was open an another system running 2.2.7 that hadn't ever been connected to
> the Internet. I looked it up in /etc/services which lists it as Sun Remote
> Procedure Call. I check the man pages, /etc/inetd.conf and /etc/rc.conf but
> can't find any reference to it.
> 
> I have a pretty good guess what it's for but don't have any use for it. How
> to I turn it off?

Edit /etc/rc.conf - and make sure 'rpc_portmapper', 'rpc_statd' and any other
'rpc' services are set to 'no'.

I've seen a few hacks for RPC services, these mostly tended to be on Linux
though... 
By default rpc_statd and portmapper are enabled on FreeBSD 'clean' installs...
- There on my 'normal install' list I run through when setting up new boxes as
a reminder to turn them off... ;-)

You will probably need them if you use NFS though...

-Kp

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message