Date: Wed, 13 Mar 2002 00:11:29 -0600 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: Steve 1 <ukla@attbi.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: RPC - any needed? Message-ID: <5.1.0.14.0.20020313000322.03970688@pop3s.schulte.org> In-Reply-To: <B8B4294D.23AC%ukla@attbi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:53 PM 3/12/2002 -0800, Steve 1 wrote:
>Hi all,
>
>I'm looking to secure my server as much as possible and wondered if any of
>the RPCs are actually needed... From what I've read so far I can't see any
>need for them if I just want a very simple DNS/WEB/MAIL server.
The most common need would be if you're running nfs or nis services.
Execute this to see if any rpc services have registered themselves with
your portmapper:
# rpcinfo -p
if all you see is something like this, then you can probably kill portmap
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
If you have other services registered, then decide if they're needed. If
not, kill them and your portmap process.
At the very least you should apply some kind of packet filtering if you do
run rpc services.
--
Christopher Schulte
http://www.schulte.org/
Do not un-munge my @nospam.schulte.org
email address. This address is valid.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020313000322.03970688>