Hello all, I got an email regarding with my vServer and it says my vServer affected due to not secure portmapper service. I checked internet to see how can i secure the portmapper service but i didn't find any Kindly requesting your help. Many thanks
CERT-bund informations - Securing portmapper service
- MasteRofDeatH
- Erledigt
-
-
Have a look here: Abusemeldung erhalten
-
If you dont need NFS, just uninstall the rpcbind package.
-
I uninstalled rpcbind but still i got automated emails from cert-bund.
Format: ASN | IP address | Timestamp (UTC)
[...]
197540 | 37.120.170.228 | 2017-07-08 03:49:39
[...]
How can i fix the problem?
Thanks
-
Hi,
I would suggest setting up a Firewall and only allow incomming Traffic on the Ports you need to be reachable from the Internet.
So, if you don't need the Port, you can "close" it and it can't be scaned from the outside.
-
I uninstalled rpcbind but still i got automated emails from cert-bund.
Did you even stopped the service before?
CodePORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 53/tcp open domain 80/tcp open http 110/tcp open pop3 111/tcp open rpcbind 143/tcp open imap
May have a look at the netstat output for listening ports on your system
-
97540 | 37.120.170.228 | 2017-07-08 03:49:39
2017-07-08 03:49:39: did you remove rpcbind before or after this date ?
regards