Skip to navigation
How to disable the portmapper in debian
31.07.17
disable: /etc/init.d/rpcbind stop update-rc.d rpcbind disable or remove it: apt-get remove rpcbind after i got: Dear Mr X, We have received a security alert from the German Federal Office for Information Security (BSI). This is an information email only. It is not required that you reply to either us or the BSI. Please investigate the complaint and solve any issue you might find. Please contact certbund@bsi.bund.de (please do not contact Reports@reports.cert-bund.de as this is >just the reporting address and your emails would not be read) and explain the Situation to them, so >they can take you off the list. Important note: When replying to us, please leave the abuse ID [AbuseID:XYZ] unchanged in the subject line. Kind regards Abuse team Quoted text in email that they received below Dear Sir or Madam, the Portmapper service (portmap, rpcbind) is required for mapping RPC requests to a network service. The Portmapper service is needed e.g. for mounting network shares using the Network File System (NFS). The Portmapper service runs on port 111 tcp/udp. In addition to being abused for DDoS reflection attacks, the Portmapper service can be used by attackers to obtain information on the target network like available RPC services or network shares. Over the past months, systems responding to Portmapper requests from anywhere on the Internet have been increasingly abused DDoS reflection attacks against third parties. Please find below a list of affected systems hosted on your network. The timestamp (timezone UTC) indicates when the openly accessible Portmapper service was identified. We would like to ask you to check this issue and take appropriate steps to secure the Portmapper services on the affected systems or notify your customers accordingly. If you have recently solved the issue but received this notification again, please note the timestamp included below. You should not receive any further notifications with timestamps after the issue has been solved. Additional information on this notification, advice on how to fix reported issues and answers to frequently asked questions: https://reports.cert-bund.de/en/ This message is digitally signed using PGP. Information on the signature key is available at the aforementioned URL. Please note: This is an automatically generated message. Replying to the sender address is not possible. In case of questions, please contact certbund@bsi.bund.de keeping the ticket number of this message in the subject line.
Reply
Anonymous
Information Epoch 1752524882
Make each program do one thing well.
Home
Notebook
Contact us
