Security Incidents mailing list archives

Re: Lots of rpc.statd probes lately


From: Joseph Nicholas Yarbrough <nyarbrough () LURHQ COM>
Date: Fri, 2 Mar 2001 10:02:53 -0500

     Along these same lines, I have what I feel is a slightly better
plan.  Educate the vendors to not turn on all the services they enable by
default.  What does the average user need portmap for?  What does the
average user need rsh or rlogin for?  daytime, discard, chargen?  Stop
the madness!  Turn off those services by default and the world will be a
much safer place.  If a user actually needs one of those services, they
will probably have enough knowledge to use them properly, not always but
the odds are greater that they will.  Also don't advertise what OS or
version you're running in every possible banner.  We don't need to
advertise to the world that this is a Redhat 5.2 box running 2.0.34 on a
486, do we?  Picture in your mind a full portscan of an Irix or AIX box.
Now tell me, do we really need to enable every single service known to
mankind?  SNMP, echo, Appletalk Routing?!  I hope not.  The uneducated
users are a symptom.  The vendors are the problem.  Get the vendors to
change their ways about what they enable by default and then worry about
educating the uneducated that still have those services enabled.

Let's face it, that will never happen for "server" installs of linux. This is
the fault of the stupid people we have running linux these days. Let's say:

Distro1: enable rpc/nfsd/etc on boot.
Distro2: doesn't

User1: runs Distro1...
User1: decides to install Distro2...
User1: can't get his smb/nfs/whatever to work...
User2: asks User1 which distro to run...
User1: says "DON'T RUN DISTRO2!! IT SUCKS!!"

Therefore, the distro loses market presence outside of the
"leeter-than-thou" group of linux users.

-Nick

