Security: Killing off ports 111 (Sunrpc) and 113 (auth)

Security: Killing off ports 111 (Sunrpc) and 113 (auth)

Post by Andrew T » Mon, 13 Mar 2000 04:00:00



Hi All,
I am still working on tightening down security on my Web/FTP
Server.  I have eliminated about ten open ports and have only 2
left which I want to kill off if I don't absolutely need them.

One is called Sun Remote Proceudre Call (Port 111).  I have no
idea what this one is for and I assume its started somewhere in
the init scripts, anyone know what its used for and where I can
turn it off?

The other is the identd port, (113).  Do I need this one at all?
 I have been through a lot of security docs and I thought I shut
this one off from inetd but apparently its still active.  Any
ideas where I can turn this one off?

Thanks a lot,
Andrew

* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!

 
 
 

Security: Killing off ports 111 (Sunrpc) and 113 (auth)

Post by Bob Hau » Tue, 14 Mar 2000 04:00:00


On Sun, 12 Mar 2000 11:49:00 -0800, Andrew T.


>One is called Sun Remote Proceudre Call (Port 111).
>anyone know what its used for and where I can turn it off?

That is rpc.portmap.  It is used for a number of things that do rpc, most
notably NFS and the automounter (amd).  If you're not using those (and you
shouldn't be unless your host is behind a firewall) you can get rid of it.

Quote:>The other is the identd port, (113).  Do I need this one at all?

Some IRC hosts seem to demand it, other than that probably not.

--
 -| Bob Hauck
 -| To Whom You Are Speaking
 -| http://www.bobh.org/

 
 
 

Security: Killing off ports 111 (Sunrpc) and 113 (auth)

Post by Andrew T » Tue, 14 Mar 2000 04:00:00


Bob,
Thanks for the info.  I actually found a really convenient way to
disable those through Linuxconf, although I usually dont use
linuxconf, it was really quick and easy to manage those daemons.

Thanks
andrew

* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!

 
 
 

1. ports 111 and 113

Hi,

below is the 'netstat -a' output of my router.

what are ports 111, 113? what are they used for? why 111 uses both tcp
and udp ports?
how do I show service name instead of numeric value?, ie, display auth
instead of 113?  Thanks.


Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address        
State
tcp        0      0 *:111                   *:*                    
LISTEN
tcp        0      0 *:113                   *:*                    
LISTEN
udp        0      0 *:111                   *:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  6      [ ]         DGRAM                    765    /dev/log
unix  2      [ ]         DGRAM                    969
unix  2      [ ]         DGRAM                    931
unix  2      [ ]         DGRAM                    886
unix  2      [ ]         DGRAM                    777
unix  2      [ ]         STREAM     CONNECTED     419

2. ar

3. sunrpc port 111

4. Problem with booting a new kernel.

5. port 111 SunRPC problem

6. Inferior display resolution after upgrade

7. sunRPC port 111

8. Dial phone number on the command line for voice connection?

9. sunrpc (port 111) listener

10. port 111 (sunrpc)

11. Question about sunrpc port 111

12. sunrpc on port 111

13. Portscanned on port 111 (sunrpc)