Hi,
On Tue, 20 Mar 2001, Mark Komarinski <[EMAIL PROTECTED]> wrote:
> Recent versions of portmap use tcp_wrappers, so you can use /etc/hosts.allow
> and /etc/hosts.deny to grant or deny access.
This is good, since it makes thing harder. But portmapper is just a
"port directory lookup" for the real RPC (remote procedure call)
services.
So bad guys can just try to directly guess the ports the real services are
on. It must be very similar for nearly all machines (perhaps with the
same distro...). I don't see any randomness in them (not that that
would help against someone determined). Run "rpcinfo -p" to see the
port numbers they would have to guess.
To the best of my knowledge, the real services (e.g. rpc.statd) do not
use tcp_wrapper info (presumably thru libwrap.a) Perhaps they should...
Karl
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
