HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 35 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Solution for Multiple Vendor RPC portmapper Access Restriction Bypass
EH-Net
May 24, 2013, 01:54:09 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Solution for Multiple Vendor RPC portmapper Access Restriction Bypass  (Read 1995 times)
0 Members and 1 Guest are viewing this topic.
Hack_80
Jr. Member
**
Offline Offline

Posts: 86


Black buck


View Profile
« on: August 28, 2012, 07:07:14 AM »
Hi,
In most of the windows 2003 storage server reported vuln for
Multiple Vendor RPC portmapper Access Restriction Bypass by Nessus and recommended solutions is
"Apply the relevant patch from the referenced documents for EMC Legato
Networker and IBM Informix Dynamic Server.  If a different application
is being used, contact the vendor for a fix."
Unable to understand the fix....

Does RPC port mapper 111 is used by Storage ...?
looking for disabling the port thru registry if any...?

kindly suggest
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1633



View Profile
« Reply #1 on: August 28, 2012, 07:44:46 AM »
Not quite following your first paragraph (I think wording was a little fuzzy in the first sentence, but I think you're saying your 2003 storage servers are all reporting this), but port 111 generally shouldn't be available to the internet.  Why not just restrict it at the firewall (in Windows firewall, at least)?  I'd like to 'assume' that it's not open to the internet, but if it is, I'd suggest blocking it.

For reference, a quick Google search (third response in search for "port 111 windows") would've yielded this thread:

http://windowssecrets.com/forums/showthread.php/145339-Port-111-problem

Specifically:

"Port 111 is used by the port mapper service. This is a service, normally used in commercial client-server scenarios, that allows an inquiring service to determine what software has been mapped to various ports so that they can communicate. Typically it is used to allow network hosts to communicate with resources available on a server.

Calls to port 111 are not accessible from the internet unless your firewall allows them. It would be dangerous to do so and your firewall should not be setup to forward port 111 unless you know what you are doing."
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.063 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.