Board index Linux Networking

Dangers of rpc.portmap, rpc.mountd, rpc.nfsd

Dangers of rpc.portmap, rpc.mountd, rpc.nfsd

Post by zinc » Mon, 19 May 1997 04:00:00



-----BEGIN PGP SIGNED MESSAGE-----


Quote:> Hello,

> also, i am curious if there is any way to disable any hosts
> except localhost fropm ever accessing these services.

you want to get the latest version of tcp wrappers and become
intimately familiar with them.

you can get these here: ftp://ftp.cert.org

if you need assistance with configuration i can give you a hand.

- -pjf

- --
"Those that give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- Benjamin Franklin (1773)

zifi runs LINUX 2.0.30  -=-=-=WEB=-=-=->  http://zifi.genetics.utah.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBM39VLE3Qo/lG0AH5AQHWzgQAk7KKSrARN51w9bcyqYe27j8aIUpOSNoP
Fp+35Xug/jEwnNDEldIJ2IWWZavV0DnohTWslFckB8P6G+c+LdzWmxD9ktbAmKc1
RMuyXjhSwMdzEq/6WoW7wkarU/cjIBGZSsxFDn/ofjBGB/apQpDxpE0DqCyJyt+w
7WbwjSToFtU=
=HoKc
-----END PGP SIGNATURE-----

 
 
 
Top

Dangers of rpc.portmap, rpc.mountd, rpc.nfsd

Post by Paul Civa » Wed, 21 May 1997 04:00:00




[Securing RPC services]

Quote:>> also, i am curious if there is any way to disable any hosts
>> except localhost fropm ever accessing these services.

> you want to get the latest version of tcp wrappers and become
> intimately familiar with them.
> you can get these here: ftp://ftp.cert.org
> if you need assistance with configuration i can give you a hand.

Specifically, you want Wietse's secure portmapper/rpcbind.  Although
I don't believe this protects you from every kind of attack wrt RPC,
but it's certainly worth installing.

-Paul-

 
 
 
Top

Dangers of rpc.portmap, rpc.mountd, rpc.nfsd

Post by Thomas H. Ptac » Wed, 21 May 1997 04:00:00



Quote:>I am curious if there are any security risks associated with running
>rc.local:        Run /usr/sbin/rpc.portmap
>rc.local:        Run /usr/sbin/rpc.mountd
>rc.local:        Run /usr/sbin/rpc.nfsd

If you are not running NFS to mount (or export) filesystems between
machines, turn these off. If you are, obtain Wietse Venema's wrapped
portmapper (ftp.win.tue.nl:/pub/security) and disallow access to the
portmapper from as many services as possible. If you're able, filter out
accesses to TCP/UDP at 111 and 2049 (portmap and NFS, respectively).

--
----------------

----------------
exit(main(kfp->kargc, argv, environ));

 
 
 
Top

1. How to use rpc.portmap, rpc.mountd, rpc.nfsd?

[Q2] Stupid but non-FAQ NFS question #2:
Thanks for the help of finding out the rpc.portmap, rpc.mountd, rcp.nfsd.  
Still, after reading the NFS-FAQ, Linux Network Admin Guide, none of these guys
seem to work at all.  I still get the message of RPC fault: program is not
registered.  I guess I really need a cookbook example.

Let's say I have machines A and B which both of them can telnet and ftp to each
other.  In other words, they are properly connected.  Now, this is how I did.
I add three statements at the begninning of the rc.inet2 at machine A:

/usr/sbin/rpc.portmap
/usr/sbin/rpc.mountd
/usr/sbin/rpc.nfsd
/bin/mount -t nfs B:/home /mnt

Then, I add /mnt B[rw] at /etc/exports at machine A.
Then, reboot machine A, and it prompts RPC fault: program is not registered.
Can anyone provide me an idiot-proof way of attacking this?  Thanks.
BTW, someone mention "premeter".  What is that?

--

Salem

2. limits

3. Where are rpc.portmap, rpc.mountd, rpc.nfsd?

4. Linux kernel 1.2.1, turbo mode & failing compilations. HELP!

5. rpc.nfsd and rpc.mountd won't start from rsh

6. Dell XPSB733, Samsung Video chips, w/ AGP, can't get X-Server to run?

7. pre2.0.7-8 break rpc.mountd, rpc.nfsd

8. php apache build problem

9. RH-6.1: rpc.mountd, rpc.nfsd NOT running!

10. rpc.mountd and rpc.nfsd killed and restarting automatically

11. RPC 4.0 vs RPC 4.1 vs TI RPC

12. Comparison bet soap rpc, dce rpc and sun rpc


All times are UTC
Board index