Date: Fri, 04 Jan 2002 17:43:45 -0600 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: Sam Drinkard <sam@wa4phy.net>, freebsd-stable@freebsd.org Subject: Re: Something about port 111 Message-ID: <5.1.0.14.0.20020104173303.03f77958@pop3s.schulte.org> In-Reply-To: <3C363624.39425529@vortex.wa4phy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 06:09 PM 1/4/2002 -0500, Sam Drinkard wrote: >Hello gang, > > This might be slightly off topic, but am curious, since it just >started after going to 4.5-Pre. I've noticed a tremendous increase in I >assume portscans for port 111, since the upgrade. AFIK, no one has >gotten through, and I've not seen anything in particular about port 111 >in security. IS there something vulnerable about 111 that would have >increased a cracker's chance in gaining access via that port? This would probably be better suited in -questions or -security, but... Port 111 has and will be a target for scans. It's highly unlikely that increased visibility of scans has anything to do with your recent OS update. Either 4.5-Pre is logging them differently, or coincidentally the scans have increased. See http://www.cert.org/current/current_activity.html for a few links to recent rpc services which have been found to have issues. Most or all of these don't affect FreeBSD in general, and all are certainly are fixed in 4.5-whatever As always: know what open ports your system runs. Use packet filtering as needed. Keep up on advisories. Have an IDS, and keep good backups. >Sam --c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020104173303.03f77958>