Firewall Wizards mailing list archives
Re: PIXen spewing udp packets at port 111?!
From: "Mordechai T. Abzug" <morty () frakir org>
Date: Tue, 7 Jan 2003 18:13:44 -0500
On Tue, Jan 07, 2003 at 02:30:49PM -0500, R. DuFresne wrote:
Thanks for the reply. Are you suggesting that the webhosts, indeed sun boxen, might be initiating the udp exchange with the gateway of the PAT'ed addresses behind it?
My understanding, and it's a tad dated, and might be outdated, is that it's near to impossible <hoop jumping and kernel hacks if I recall> to tune out RPC on solaris, which is better trained via filtering and such. Is this still valid understanding, or dated? solaris 6 and 7 at present, with considerations of solaris 9 in some future context.
[Assuming you're talking about RPC portmap clients, since RPC portmap servers can be killed by renaming /etc/rc2.d/S71rpc.] RPC as a client can be in the kernel (ie. NFS) but is usually in a userland process. Turning off portmap client requests (without filtering) can sometimes by done in the client config. If you're not sure who is generating the portmap requests, why not fire up a sniffer (ie. Solaris' snoop) and see if your clients really are generating them? - Morty _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIXen spewing udp packets at port 111?! R. DuFresne (Jan 07)
- Re: PIXen spewing udp packets at port 111?! Dave Mitchell (Jan 07)
- Re: PIXen spewing udp packets at port 111?! R. DuFresne (Jan 07)
- Re: PIXen spewing udp packets at port 111?! Dave Mitchell (Jan 07)
- Re: PIXen spewing udp packets at port 111?! Charles W. Swiger (Jan 07)
- Re: PIXen spewing udp packets at port 111?! Mordechai T. Abzug (Jan 07)
- Re: PIXen spewing udp packets at port 111?! R. DuFresne (Jan 07)
- <Possible follow-ups>
- RE: PIXen spewing udp packets at port 111?! R. DuFresne (Jan 08)
- Re: PIXen spewing udp packets at port 111?! Dave Mitchell (Jan 07)