rpcbind lingering on IP no longer specified on command line
Vivek Khera
vivek at khera.org
Wed Jan 4 12:44:05 PST 2006
On Jan 4, 2006, at 2:41 PM, Doug Barton wrote:
> What does 'sockstat | grep rpcbind' tell you?
# sockstat | grep rpcbind
root rpcbind 11382 5 stream /var/run/rpcbind.sock
root rpcbind 11382 6 dgram -> /var/run/logpriv
root rpcbind 11382 7 udp4 127.0.0.1:111 *:*
root rpcbind 11382 8 udp4 192.168.100.200:111 *:*
root rpcbind 11382 9 udp4 *:664 *:*
root rpcbind 11382 10 tcp4 *:111 *:*
As Dmitry Morozovsky points out, it seems it always listens to tcp *:
111 which seems to be a bad thing. I'm running 6.0-RELEASE-p1.
This came up because of some security scans we're having run for some
compliance certificates we need...
Can anyone explain why rpcbind will still bind to all tcp interfaces?
More information about the freebsd-stable
mailing list