I need help to fix the portmap on my network

[Talitha]

The portmap service is a demon assigning ports dynamically for RPC services such as NIS and NFS. It has weak authentication mechanisms and has the ability to assign a wide range of port services it controls. For this reason, it is very difficult to secure. I need to some explanation how does this entire service works. For the RPCs this is quiet a requirement in most of the case and the same is also not easy to deny. Does it is important to use TCP wrappers to limit the number of networks and hosts with access to the portmap service since it is with any form of authentication.

[Amie]

RPCs to enable the performance of procedures on a remote machine. In other words, they allow the design of distributed programs by providing a mechanism for remote procedure call. Many applications that use RPC. You can find particular NFS, NIS, but also the most r-commands rusers, rwall, etc. Procedures are grouped into CPP programs and identified by numbers. The programs are also assigned a number and a version number. It is through this triple a customer can call a particular procedure. The numbers are allocated in a strict (same TCP and UDP). Mountd and is assigned the number 100005. Portmap (listening on port 111) is the support of many other services such as NFS servers, NIS, etc. The rpcinfo comande lets you know what RPC services are active on the target system.

[HiSpeed]

RPCs are located at Level 5 of the OSI over TCP / UDP, while that XDR is level 6. These calls are handled by a standard portmap process via the numbers seen above. These numbers are listed in the file / etc / rpc. This file contains the services manufacturers, this is not a configuration file, it plays the same role as / etc / services in the mail application name / port associated to the RPC programming. The RPC server program contains the remote procedure uses ephemeral ports, not the well-known ports. This requires the existence of a standard keeping track of the ephemeral ports used. The process ensures that function, portmap, the translator of ports. The translator is also a port server RPC program number 100000, version 2 and listening on port 111 TCP and UDP.

[BiGMaCHiNe]

For a server making use of RPC to work, it is first necessary that portmap is running. So you can figure out the following points to have more gain on the issue. Check that Portmap is running and is eavesdropping on TCP and UDP ports 111. The server starts, starts eavesdropping on TCP and UDP ephemeral ports, one for each version, the server records every program, version, protocol and port number with a call to portmap. When a customer wants to ask the server, it contacts portmap (111/UDP or TCP) with the parameters and protocol version. Portmap then it returns the listener for the corresponding server protocol and the version specified. Communication can now be made directly between the client and server. By this you can understand how does all things work.

[Pabloa]

It is advisable to filter access to this port with a firewall configured correctly or completely disable this service. Here are the commands that you can use to install Portmap. The first is patch-i-Np1 ../portmap_5-1.diff. This patch provides added security to the package portmap, including the restriction of changing tables portmap machine localhost and then mkdir / usr / share / doc / portmap. This directory must be created before installation.

[Paisley007]

Portmap is a server that converts RPC program numbers into port numbers DARPA protocol. When an RPC server is started, it will tell portmap what port number it listens, and what RPC program number is ready to serve. When a client wishes to make an RPC call to a given program number, it will first contact portmap on the server machine to determine the port number where packets to be sent. Portmap must be started before any RPC servers are invoked. Normally portmap forks and dissociates itself from the terminal like other demons. Portmap then logs errors using syslog. To run any of the programs, you will need to run the program /usr/sbin/rpc.portmap .