The portmapper is only "directory enquiries" for RPC on your machine, i.e. it will tell a requesting program which port another RPC service runs on. However, I can still find out which RPC programs are running by "dialling" all your port numbers and deducing what is running based on the output. Nessus does a fine job of that. It is therefore essential that you block all ports at your firewall that you do not explicitly want people to connect to. I have seen many a firewall configured to block portmapper that happily let me connect and exploit tooltalkd (as part of a legitimate pentest assignment I might add ;>).
Not suggesting that this is _your_ config, just adding info for anyone else reading the thread. ;>
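
An added example, not part of the original post: a defender-side audit that takes `rpcinfo -p` output from your own host plus a model of the firewall policy, and lists the RPC services the policy still leaves reachable. The sample output, the port 32775 and both policies are constructed for illustration.

```python
# Constructed sample of `rpcinfo -p` output (not taken from a real host).
SAMPLE_RPCINFO = """\
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100083    1   tcp  32775  ttdbserverd
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
"""

def parse_rpcinfo(text):
    """Return a sorted list of unique (proto, port, service) tuples."""
    seen = set()
    for line in text.splitlines():
        fields = line.split()
        # Skip the header and any malformed line.
        if len(fields) < 4 or not fields[0].isdigit() or not fields[3].isdigit():
            continue
        # The service name is missing when the program is not in /etc/rpc.
        service = fields[4] if len(fields) > 4 else "prog-" + fields[0]
        seen.add((fields[2], int(fields[3]), service))
    return sorted(seen)

def reachable(services, rules, default):
    """rules maps (proto, port) -> 'allow' or 'deny'; default covers the rest."""
    return [s for s in services if rules.get((s[0], s[1]), default) == "allow"]

def audit(text, rules, default):
    exposed = reachable(parse_rpcinfo(text), rules, default)
    return [f"{svc} reachable on {proto}/{port}" for proto, port, svc in exposed]

# Policy A (hypothetical): block only the portmapper, allow everything else.
BLOCK_PORTMAPPER_ONLY = {("tcp", 111): "deny", ("udp", 111): "deny"}
# Policy B (hypothetical): default deny, NFS over TCP explicitly allowed.
DEFAULT_DENY = {("tcp", 2049): "allow"}

if __name__ == "__main__":
    for name, rules, default in [("block-111-only", BLOCK_PORTMAPPER_ONLY, "allow"),
                                 ("default-deny", DEFAULT_DENY, "deny")]:
        print(name)
        for finding in audit(SAMPLE_RPCINFO, rules, default):
            print("  " + finding)
```

Under policy A the services behind the blocked portmapper are all still listed; under policy B only the one explicitly allowed port remains.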