Hey,
When I run Nessus against Unix machine, the scanner detect that :
1) The nlockmgr RPC service is running.
If you do not use this service, then
disable it as it may become a security
threat in the future, if a vulnerability
is discovered.
This service is not active of my Unix (the line is in comment in inetd.conf).
2) The statd RPC service is running.
This service has a long history of
security holes, so you should really
know what you are doing if you decide
to let it run.
line is in comment in inetd.conf.
Is that a bug in Nessus ?
I used the options UDP port scan and RPC port scan.
The version is 1.0.10.
thanks Daniel BOUR.
