Hi, I remember a discussion a while back about the portmapper still running in the secure by default configuration. IIRC somebody said it is protected by tcp wrapper rules and only accessible from localhost per default to allow legacy service the access.
On a freshly installed snv_65 this is not the case: mybox:~ # nmap -A remotehost Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-08 18:38 CEST Interesting ports on remotehost (192.168.110.20): Not shown: 1695 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh SunSSH 1.1 (protocol 2.0) 111/tcp open rpcbind 2-4 (rpc #100000) MAC Address: 00:D0:59:B6:82:11 (Ambit Microsystems) Device type: general purpose Running: Sun Solaris 9|10 OS details: Sun Solaris 9 or 10 Uptime: 0.318 days (since Fri Jun 8 11:01:20 2007) Network Distance: 1 hop OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ . Nmap finished: 1 IP address (1 host up) scanned in 53.233 seconds myhost:~ # rpcinfo -p remotehost program vers proto port 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper myhost:~ # Is this a regression or is my memory wrong? Cheers, Dirk -- Dr. Wetter IT Consulting http://drwetter.org Beratung IT-Sicherheit + Open Source Inhaber: Dr. Dirk Wetter Key fingerprint = 80A2 742B 8195 969C 5FA6 6584 8B6E 59C1 E41B 9153 [electronic vcard attached contains contact info]
