[ILUG] AUTH requests on port 135.
Rick Moen
rick at linuxmafia.com
Tue Apr 6 01:06:48 IST 2004
Quoting John P. Looney (valen at tuatha.org):
> On Tue, Mar 30, 2004 at 02:47:24PM -0800, Rick Moen mentioned:
> > MS-Windows portmapper, made infamous by a recent MS-Windows Blaster worm
> > that made many of the more clueful victims belatedly wake up and say
> > "What? Why am I running a portmapper exposed to the global Internet _by
> > default_? On a standalone workstation?"
>
> RedHat did that till RH8 I think.
Prior to RH8, _if_ you (1) installed the entire kitchen sink (rather
than, say, the "Workstation" package set), and (2) never bothered to
review what daemon processes you were starting at host bootup and why,
then indeed you potentially had a problem.
To draw out that comparison a little more, suppose you noticed the
process's SysVInit script or "rpc.portmap" in your RH7.3 "kitchen sink"
host's process table. You would be moved to wonder:
1. What is it?
2. How do I shut it off?
3. What will break if I shut it off?
4. Short of that, is there a way to make it accessible from loopback only,
or from my local LAN only, without affecting anything else?
The answers to all of those things are pretty easy to find. The same
has never been even remotely true for the corresponding NT/W2K/XP
"dcom-scm" service.
--
Cheers, No trees were destroyed in the sending of this message.
Rick Moen We do concede, though, that a large number of electrons
rick at linuxmafia.com were terribly inconvenienced.
More information about the ILUG
mailing list