public inbox for speakup@linux-speakup.org
 help / color / mirror / Atom feed
* OT#2: Port 135
@  Chuck Hallenbeck
   ` Joseph C. Lininger
  0 siblings, 1 reply; 3+ messages in thread
From: Chuck Hallenbeck @  UTC (permalink / raw)
  To: Speakup Distribution List

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I keep an eye (okay, an ear) on my firewall log these days and I
see (okay, hear) efforts to reach my port 135. The /etc/services
file says it is "location service", but I cannot find any
information about it. Can anyone enlighten me? I have it
blocked. Is that a safe policy?

Thanks
Chuck


- -- 
The Moon is Waxing Gibbous (78% of Full)
In a world without Fences or Walls no one needs Windows or Gates.
My home page is now at http://www.mhcable.com/~chuckh
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iQCVAwUBQBzamjVdG8M9x9tGAQLGSQQA2nXaf0NGlLGEGgOz8lOK7dG2gYrce3ro
ngMkkDYbt567qSuX+O/rFEJ5ZgBW6PD00V1K4xzB8pESiAhkiU6+Wif/fPvAzo2d
IuKp0/60oa7eLrvorThZmjW3UjJPtH1vNCqsfeQpy53+0bjv7AtWH6T88yr98Hkb
yBXqxSdhekA=
=iMXn
-----END PGP SIGNATURE-----



^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: OT#2: Port 135
   OT#2: Port 135 Chuck Hallenbeck
@  ` Joseph C. Lininger
     ` Chuck Hallenbeck
  0 siblings, 1 reply; 3+ messages in thread
From: Joseph C. Lininger @  UTC (permalink / raw)
  To: Speakup is a screen review system for Linux.

Hello,
Port 135 is used by RPC, and is only open in Linux if the RPC portmapper is running. People typically scan for it because there are many known Windows exploits involving RPC. Unless you are using something that requires RPC (NFS comes immediately to mind), it would probably be a good idea to block it. Even if you are using something that needs RPC, you should still block port 135 from the internet.

-- 
Joseph C. Lininger
jbahm@pcdesk.net

On Sun, 1 Feb 2004, Chuck Hallenbeck wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I keep an eye (okay, an ear) on my firewall log these days and I
> see (okay, hear) efforts to reach my port 135. The /etc/services
> file says it is "location service", but I cannot find any
> information about it. Can anyone enlighten me? I have it
> blocked. Is that a safe policy?
>
> Thanks
> Chuck
>
>
> - --
> The Moon is Waxing Gibbous (78% of Full)
> In a world without Fences or Walls no one needs Windows or Gates.
> My home page is now at http://www.mhcable.com/~chuckh
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iQCVAwUBQBzamjVdG8M9x9tGAQLGSQQA2nXaf0NGlLGEGgOz8lOK7dG2gYrce3ro
> ngMkkDYbt567qSuX+O/rFEJ5ZgBW6PD00V1K4xzB8pESiAhkiU6+Wif/fPvAzo2d
> IuKp0/60oa7eLrvorThZmjW3UjJPtH1vNCqsfeQpy53+0bjv7AtWH6T88yr98Hkb
> yBXqxSdhekA=
> =iMXn
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: OT#2: Port 135
   ` Joseph C. Lininger
@    ` Chuck Hallenbeck
  0 siblings, 0 replies; 3+ messages in thread
From: Chuck Hallenbeck @  UTC (permalink / raw)
  To: Speakup is a screen review system for Linux.


Thanks. That helps.

On Sun, 1 Feb 2004, Joseph C. Lininger wrote:

> Hello,
> Port 135 is used by RPC, and is only open in Linux if the RPC portmapper is running. People typically scan for it because there are many known Windows exploits involving RPC. Unless you are using something that requires RPC (NFS comes immediately to mind), it would probably be a good idea to block it. Even if you are using something that needs RPC, you should still block port 135 from the internet.
>
>

-- 
The Moon is Waxing Gibbous (78% of Full)
In a world without Fences or Walls no one needs Windows or Gates.
My home page is now at http://www.mhcable.com/~chuckh


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~ UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
 OT#2: Port 135 Chuck Hallenbeck
 ` Joseph C. Lininger
   ` Chuck Hallenbeck

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).