[Rule-list] What is sunrpc?

Ed Blackman rule-list at edgewood.to
Mon Jul 22 23:59:34 EEST 2002

On Mon, Jul 22, 2002 at 08:42:30PM +0200, Marco Fioretti wrote:
> 111/tcp    open        sunrpc                  
> Do you know what service this is, and if there is any reason to
> leave it open/running on a typical RULE box?

It's the RPC portmapper, necessary (as far as I know) for NFS and
possibly NIS/NIS+ (network yellow pages).  It definitely shouldn't be
open to the Internet, and probably shouldn't be running (I don't know
of any other programs that require it, but that doesn't mean there
aren't any) if you're not running an NFS server or NIS/NIS+.

A Google search for "port 111 sunrpc" turned up a bunch of links
explaining what it does, and what the vulnerabilities are.  The SANS
Institute puts buffer overflows in RPC services at the top of their
list of Unix vulnerabilities:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.hellug.gr/pipermail/rule-list/attachments/20020722/a81d7c60/attachment.pgp>

More information about the Rule-list mailing list