View the Most Wanted LQ Wiki articles.
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 12-18-2002, 10:37 AM   #1
Registered: Apr 2002
Location: Houston Texas
Distribution: Debian / Gentoo / RHEL
Posts: 209

Rep: Reputation: 31
sunrpc port 111

I started probing my servers for holes, and open ports, and I found port 111 sunrpc port open on 2 of my server. Does anyone know what this is and what it does. If it is not neccesay how do you turn it off, I do not see it in inet.d services list.
Old 12-18-2002, 02:54 PM   #2
Senior Member
Registered: Jan 2002
Location: germany
Distribution: ubuntu
Posts: 1,507

Rep: Reputation: 128Reputation: 128
there's a lot of info on the web for sun's rpc:
cheers, jens
Old 12-18-2002, 03:25 PM   #3
LQ Guru
Registered: Jan 2001
Posts: 24,147

Rep: Reputation: 229Reputation: 229Reputation: 229
If your not worrying about connecting to other machines on a network like with NFS, you don't necessarily need it running.
Old 12-19-2002, 11:21 AM   #4
Registered: Apr 2002
Location: Houston Texas
Distribution: Debian / Gentoo / RHEL
Posts: 209

Original Poster
Rep: Reputation: 31
That is kool, thanks guys but I decided after reading that I will be using some NFS so, I will just block that port at my firewall.
Old 12-20-2002, 04:47 AM   #5
Registered: Mar 2002
Distribution: Redhat 9.0, Debian, Knoppix, YellowDog
Posts: 142

Rep: Reputation: 15
The portmapper is only "directory enquiries" for RPC on your machine, i.e. it will tell a requesting program which port another RC service runs on. However, I can still find out which RPC programs are running by "dialling" all your port numbers and deducing what is running based on the output. Nessus does a fine job of that. It is therefore essential that you block all ports at your firewall that you do not explicitly want people to connect to. I have seen many a firewall configured to block portmapper that happily let me connect and exploit tooltalkd (as part of a legitimate pentest assignment I might add ;>).

Not suggesting that this is _your_ config, just adding info for anyone else reading the thread. ;>



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking port 111 wedgeworth Linux - Newbie 1 04-19-2004 02:56 PM
portsentry 111 port not binding saag Linux - Security 4 03-19-2004 10:40 AM
port 111 - firewall question taz76 Linux - Networking 5 04-04-2003 04:04 PM
scan port at 111 is open.... Qebex Linux - Security 5 09-21-2002 07:29 PM
Closing port 111 psyklops Linux - General 3 05-01-2002 01:53 AM

All times are GMT -5. The time now is 12:15 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration