On Sat, Jul 21, 2001 at 08:21:09PM -0700, Nicole Zimmerman wrote: > > > > last i used OpenBSD (2.6) it started portmap and identd by default at > > > the very least, maybe fingerd too i don't remember for sure. > > > > > The difference is, those were not exploitable. > > And they are on debian?
It seems everyone on this list YELLS at people who leave rpc.statd running. I don't know whether it's exploitable or not, I know enough to turn it off because I don't use it. I am not talking about people who know what they are doing. I am talking about new users who have no practical knowledge of the system. I'm talking about protecting them from being immediately vulnerable. If people are running services, they should know how to start and stop them, right? <[EMAIL PROTECTED]>
