portmap log messages

portmap log messages

Post by royber » Tue, 06 Feb 2001 15:31:32



I found these lines in my /var/log/messages.

Feb  4 13:41:19 C726833-A portmap[2303]: connect from 209.194.44.35 to
getport(status): request from unauthorized host

Feb  4 16:54:20 C726833-A portmap[2402]: connect from 128.2.18.78 to
getport(status): request from unauthorized host

Feb  4 17:23:19 C726833-A portmap[2411]: connect from 63.204.241.249 to
dump(): request from unauthorized host

According to the man page for portmap, /etc/hosts.allow and /etc/hosts.deny
controll access to this service.  I have the following in hosts.deny:

ALL: ALL

and this in hosts.allow:

ALL: 192.168.0.0

Have theses connections been rejected?  Also, do I even need this service
running, and if not, how do I disable it?

 
 
 

portmap log messages

Post by Luke Voge » Tue, 06 Feb 2001 20:56:31



> Have theses connections been rejected?  Also, do I even need this service
> running, and if not, how do I disable it?

If you are asking the question about whether or not you need the
service, the probability is that you dont.

To turn it off, /etc/rc.d/init.d/portmapper stop

to keep it off, you need to remove it from the initscripts (otherwise
it'll start up at boot time again.)
I think the command is:
chkconfig portmapper off

man chkconfig makes good reading ;)
--
Regards
Luke
----
Those who cannot remember the past are condemned to repeat it.
George Santayana (1863 - 1952), The Life of Reason, Volume 1, 1905
----
http://www.bell-bird.com.au
PLEASE NOTE: Spamgard (tm) installed.

----

 
 
 

1. rpc.portmap (p10, p11, and p12) AND portmap (p4)

        I've read the faq's, and hacked a lot but STILL ---

        rpc.portmap core dumps at the first sign of a request (even rpcinfo)

        This has been going on since I had a pl4 kernel, & is still happening under pl12
with net2, so I think it must be down to my setup!

        I have a DLINK ethernet - sometimes connected to a DOS box running PCNFS, or PCTCP
depending. I also use a SLIP link to demon. Everything seems to work apart from the rpc's

        Anybody who's made the rpc mechanism work - what have I missed ???

2. http://razor.sourceforge.net/

3. portmap log entries

4. Apache 1.2 on SMP kernel

5. Sytem logs and portmap

6. help logging in with BASH

7. portmap error message

8. pop3d with shadow passwd

9. Portmap dump messages

10. Portmap errors in log

11. Portmap message / unauthorized host

12. NFS: Error message from portmap?

13. How large can /var/log/messages and /var/log/syslog get ?