On Tue, 2005-11-08 at 20:50 +0100, Jochen Schulz wrote: > Realos: > > > Mike McCarty wanted us to know: > > > > >http://www.securityfocus.com/brief/38?ref=rss > > > > > > > I have rpc.statd and portmap running on my system. Are they vulnerable > > to this security hole/worm? > > > > As I do not use nfs on my debian server, doesn't it make sense to > > disable both portmap and rpc.statd on my system? > > If you don't need them, remove them. Or at least block access to them > with the help of iptables.
Or, better yet, bind them to localhost or the internal eth device. -- ----------------------------------------------------------------- Ron Johnson, Jr. Jefferson, LA USA PGP Key ID 8834C06B I prefer encrypted mail. "Peace is not an absence of war, it is a virtue, a state of mind, a disposition for benevolence, confidence, justice." Baruch (Benedict de) Spinoza -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]