-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Aug 22, 2017 at 10:31:03AM +0200, Rob van der Putten wrote: > Hi there > > > More stretch weirdness: > Rkhunter alerts me to a hidden port. Restarting NFS changes the port > number. Today I did a netstat after restarting NFS and then run > unhide-tcp a few times: It's the client side of RPC NFS callback. > What can I do about this?
This is a bit thin on details, so just guessing from my side. RPC traditionally uses a moving port, assigned by the port mapper. You can configure it to behave as you want it to (RPC and naive, port based firewall rules have always been a bit at odds with each other.). Perhaps you are seeing that? What on earth is "unhide-tcp"? Cheers - -- tomás -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlmb8W0ACgkQBcgs9XrR2kbIvwCeKtPVD17ocTpy7y2aMhWUUsyR knsAnjZyHlCYPg3IjbM4FuB/ToSxEQ3h =p6Xi -----END PGP SIGNATURE-----
