netbsd-help: Re: Log message: rpcbind: connect from 216.123.160.11 to dump()

Subject: Re: Log message: rpcbind: connect from 216.123.160.11 to dump()
To: Brad Spencer <brad@anduin.eldar.org>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-help
Date: 08/23/2000 11:09:01

On Tue, Aug 22, 2000 at 06:15:35PM -0400, Brad Spencer wrote:
> 
> Depending on how far you are willing to go, something like this:
> 
> 
> portmap: ALL EXCEPT .my.domain.org, localhost
> 
> 
> in the /etc/hosts.deny file on the NFS server can do wonders in stopping
> RPC scanning.  If you attempt 'rpcinfo -p machine.with.above.org' you get
> fairly uninteresting results.

Sure, but this doesn't prevent contacting the RPC programs directly (a
scan can easily show on which port they runs).

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--