LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-28-2009, 02:58 PM   #1
mark_alfred
Senior Member
 
Registered: Jul 2003
Location: Toronto, Ontario, Canada
Distribution: Ubuntu Linux
Posts: 1,033

Rep: Reputation: 95
Tiger warnings about avahi-daemon - should I be concerned?


I installed Tiger onto my Lenny box, and it gives me the following warnings repeatedly:

"The process `avahi-daemon' is listening on socket 52636" (or other numbers)
"The process `rpc.statd' is listening on socket 34157" (or other numbers)

Should I be concerned? Is it time to declare my computer a security risk and detonate it with dynamite immediately?
 
Old 04-28-2009, 03:54 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by mark_alfred View Post
I installed Tiger onto my Lenny box, and it gives me the following warnings repeatedly:

"The process `avahi-daemon' is listening on socket 52636" (or other numbers)
"The process `rpc.statd' is listening on socket 34157" (or other numbers)

Should I be concerned? Is it time to declare my computer a security risk and detonate it with dynamite immediately?
I would suggest you instead determine whether you need/want Avahi and/or RPC. If you don't, then you can always remove them (no high explosives necessary). I think the Avahi package is called avahi-daemon and RPC is provided by portmap, which is a dependency of both NFS and NIS.

Last edited by win32sux; 04-28-2009 at 04:01 PM.
 
Old 04-28-2009, 10:59 PM   #3
mark_alfred
Senior Member
 
Registered: Jul 2003
Location: Toronto, Ontario, Canada
Distribution: Ubuntu Linux
Posts: 1,033

Original Poster
Rep: Reputation: 95
Is Tiger just anally-retentive?

Quote:
Originally Posted by win32sux View Post
I would suggest you instead determine whether you need/want Avahi and/or RPC. If you don't, then you can always remove them (no high explosives necessary). I think the Avahi package is called avahi-daemon and RPC is provided by portmap, which is a dependency of both NFS and NIS.
I think libsane depends on avahi, and I've a scanner. I may get rid of portmap, but I'm worried that mount indirectly relies upon it.

Anyway, from what I understand, these are not unusual programs. Why is Tiger making a fuss over them?
 
Old 04-29-2009, 03:15 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,003
Blog Entries: 54

Rep: Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757Reputation: 2757
It's just objectively listing what's going on. Determining something to be benign or malicious is left to human interpretation.
 
Old 04-29-2009, 06:45 AM   #5
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by mark_alfred View Post
I think libsane depends on avahi, and I've a scanner.
It depends on the library, not the daemon (look here).

Quote:
I may get rid of portmap, but I'm worried that mount indirectly relies upon it.
Unless you've got clients that make use of that service, you don't need it. If you don't want to remove the package, keep in mind you could instead just make it so that it doesn't get automatically loaded at startup time (the same could be said for the Avahi daemon).

Last edited by win32sux; 04-29-2009 at 07:32 AM.
 
Old 04-30-2009, 11:20 AM   #6
mark_alfred
Senior Member
 
Registered: Jul 2003
Location: Toronto, Ontario, Canada
Distribution: Ubuntu Linux
Posts: 1,033

Original Poster
Rep: Reputation: 95
unSpawn: Objectively? It seems that flagging something with a big all-capitals "WARN" is hardly objective. Plus, it's not listing all processes; rather, it's being selective in that which it warns about. Granted, though, it did not accord the status of "FAIL" to the aforementioned processes, so perhaps they're not something that need raise too much concern.

win32sux: when in doubt, throw it out. Be free of unnecessary clutter. So, gone are portmap and avahi-daemon, along with a few others. Time to reboot and see if the machine has survived this surgery.

[later] Well, the reboot was a success. It'll be interesting to discover if I've lost any functionality from the recent removals.

Last edited by mark_alfred; 04-30-2009 at 11:36 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
(Ubuntu) Avahi-Daemon errors runneri.q Linux - Wireless Networking 1 08-07-2008 07:06 PM
(Ubuntu) Avahi-Daemon errors runneri.q Linux - Newbie 1 08-06-2008 07:18 AM
Avahi-daemon on startup OR13 Fedora 1 07-13-2006 12:24 PM
Do I need avahi? billymayday Linux - Software 4 05-29-2006 03:10 PM
Ubuntu + avahi-daemon/tools Valhalla Linux - Software 0 12-10-2005 03:58 PM


All times are GMT -5. The time now is 02:39 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration