On Mon, Jun 18, 2001 at 03:46:13PM +1000, Ian Miller wrote: > add the line /sbin/ipchains -A input -i <INTERFACE> -p TCP -s ! > <LOCALLAN> -d <EXTERNAL IP> 111 -l -j DENY to block the rpc statd attacks > from your external network
port 111 is portmap, not rpc.statd. all blocking portmap will do is prevent them from conveniently getting the statd port number, that doesn't stop them from finding it via nmap. -- Ethan Benson http://www.alaska.net/~erbenson/
pgp53lHokZtT1.pgp
Description: PGP signature