Michael Heldebrant wrote: > Protect your portmapper with /etc/hosts.deny and /etc/hosts.allow and > you won't get these buffer overflow attacks squatting in your syslogs > anymore. I only allow 127.0.0.1 and my internal networks to touch the > portmapper. Everyone else no access, stopped me from getting those > attacks.
My solution was simply to uninstall portmap. I couldn't figure out what I could possibly need it for. I haven't observed any problems resulting from this. My standard theory is that if I see that my machine is listening on a port, I figure out why, and if I can't figure out why I should want it to do that, I get rid of the service or disable its listening feature. If I only want it for my own use, I block that port at my firewall _and_ configure the service to accept only in-house IPs (_not_ including the firewall) or 127.0.0.1 as appropriate. Craig
