similar to: portmap vulnerability?

Hi all, I want to map an NFS share from a remote server to a local CentOS 5.4 server, but have a problem with portmap: root at mercury:[~]$ service portmap restart pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection reset by peer Stopping portmap: [FAILED] Starting portmap: [ OK ] root at

Hi all, I have setup a CentOS6.3 x86_64 host to act as a nfs server. According to RHEL6 docs, portmap is not needed when you use NFSv4, but in my host I need to start rpcbind service to make NFSv4 works. My /etc/sysconfig/nfs # # Define which protocol versions mountd # will advertise. The values are "no" or "yes" # with yes being the default MOUNTD_NFS_V2="no"

Having problems starting httpd & portmapper #service httpd start /usr/sbin/httpd: error while loading shared libraries: libm.so.6: cannot open shared object file: No such file or directory and I traced it to selinux, which I had just turned on for the first time: # sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode:

I don't know if this is RedHat 5.1 specific, but be aware that the version of portmap distributed is the enhanced (Wietse Venema) version. That's great, except for two things. The first is documented, but easy to overlook: "In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name...The upshot of all this is that only network

If it''s any help, here''s a sed script that is reasonably good at pulling out suspicious-looking items generated by various daemons. Fix appropriately... _H* ========== # this should match a buncha different stuff / [Pp]ermi/b ff / PERMI/b ff / [Rr]efuse/b ff / REFUSE/b ff / [Dd]en[yi]/b ff / DEN[YI]/b ff /[Rr]eject/b ff /REJECT/b ff /[Bb]ogus/b ff /[Pp]assw/b ff /PASSW/b ff

Hi all I have a CentOS 5.1 server running Xen and recently installed ConfigServer Firewall (CSF) on the main node to give it some protection. On a daily basis I''m getting an email about portmap. haldeamon and xfs consumming too much resources. The main node, dom0 doesn''t even do anything, and everything is done on the domU''s Here''s a thread I''ve

hi the problem : ssh lets ordinary users=A0forward reserved ports (see Debian bug report logs - #12763 ssh 1.2.20-3 /sshd vulnerable ) in connection with: lpd lets people who have access to its reserved port (ie people from hosts in /etc/hosts.{lpd,allow}) create delete and exec files = (see Secure Networks Inc. Security Advisory October 2, 1997 as reported thru

An HTML attachment was scrubbed... URL: <http://supercolony.gluster.org/pipermail/gluster-users/attachments/20120304/04099724/attachment.html>

I am running Redhat 6.1 as a firewall between a cable modem and my home network. Occasionally, I see messages such as these under /var/log/messages: Jan 17 13:38:16 saturn5 portmap[3726]: connect from 24.28.77.200 to dump(): request from unauthorized host Jan 18 14:00:34 saturn5 portmap[1544]: connect from 204.151.148.146 to dump(): request from unauthorized host My assumption is that the

Hello all, I have a server on my private network that is configured as an NIS server and mapped to a "public" IP address on a firewall. All other TCP ports (SSH, iperf, you name it) are visible from the outside - but the portmapper-managed ports (port 111 itself and the YPSERV/YPXFRD ports, etc.) are not visible from the outside - even though they are alive and well on the internal

CentOS 5 updated, Xen host. The portmap on this machine is somehow "stuck" and I can't figure out why. I enabled it to be able to mount a remote nfs share. The first hurdle was that "portmap" didn't appear in the chkconfig list, it was installed with the initial packages but not added to chkconfig. Took me a while to figure this out. Adding and starting it up is no

Yesterday I activated SELinux in targeted mode, then I rebooted and started receiving some error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t

Greetings I'm running an NIS server that I would very much *not* want to be accessible on some of its interfaces. portmap can be instructed to bind to specific addresses using the -h flag, but this seems to break ypbind. ypbind will attempt to find a server by issuing a broadcast rpc request to the local network. When portmap is not bound to INADDR_ANY, it will not reply to these requests.

Hello all, I have seen various reports on this error posted in the past few years, but was unable to find a resolution to the various postings. I've googled the error messages too, and have hit on various sporadic similar problems encountered with no resolutions .. Apologize if this has been exhaustively queried upon in the past; however, I'd like to try asking again, nevertheless:

Ran into a weird problem, and this seemed a good forum to toss it out into -- if I've gaffed, please let me know. Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly. When running 5.0, though, I'd installed the opie-fied ftpd that comes with the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz) and had it work without a hitch. I'd also

I have been googling and searching the archive , haven''t got anything helpful. Would appreciate any help. Got the follow error when trying to start a domain using NFS root IP-Config: Incomplete network configuration information. Looking up port of RPC 100003/2 on 10.10.24.141 <http://10.10.24.141> RPC: sendmsg returned error 101 portmap: RPC call returned error 101 Root-NFS:

Hi all, Which ports do I need to have open on an NFS client's firewall to allow it to connect to a remote NFS servers? When I disable iptables (using ConfigServerFirewall), it connects fine, but as soon as I enable it, NFS gives me this error: root at saturn:[~]$ mount master1.mydomain.co.za:/saturn /bck mount: mount to NFS server 'master1.mydomain.co.za' failed: RPC Error: Unable to

I''m in the process of locking down as much of my systems here as possible as to available ports. I am down to only a handful but am not sure how much of a security risk they pose and was wondering if anyone here might be able to comment, or suggest secure versions to run: 21/FTP (WU-ftpd v2.4.2 BETA 14) 22/SSH (1.22) 23/TELNET (Netkit 0.09) 25/SMTP (Sendmail

Hi all, I have implemented portmap spoofing in klibc nfsmount (released as klibc-0.144) This is basically a vestigial portmap daemon which gets launched before the mount() call and then just records any transactions it gets to a file and sends back an affirmative reply. There are two ways to use it (this belongs in a README file, but it's too late at night right now): a) Set a fixed

I was wondering if anyone here has or knows how to implement ttysnoop w/ssh ?