Good good good gooooood, port 111, servers never gave me any trouble till after port 99....... If you recognize the parody above you watched too much tv as a kid like I did. Ok. down to business: ===================== sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP To see it in action type: rpcinfo -p localhost Many a root exploit has been written about the weknesses of RPC on port 111 for practically every UNIX including the one under the Sun[tm]. Take your browser over to: Exploit World - http://insecure.org/sploits_all.html NOTE: The URL for Exploits covers a lot of info so I am also passing it on to 2 others that may want to review the URL that are not on this list. Who maintains the PLUG Security List? ( Please don't say it is me! ) It seems like on Thu, Aug 31, 2000 at 11:56:23PM -0700, foodog@uswest.net scribbled: Orig Msg> Over the last 2 weeks or so I've had about 10 script Orig Msg> kiddies try to connect to my home firewall on TCP port 111. Orig Msg> I finally visited Packetstorm to see if something was just Orig Msg> released but nothing was obvious. Anyone know what the kidz Orig Msg> are up to? Orig Msg> Orig Msg> Just curious, and wondering if anyone ever _uses_ the Orig Msg> security list ;-) Orig Msg> Orig Msg> Steve Orig Msg> -- Orig Msg> Carpe cerevisiae Orig Msg> Orig Msg> _______________________________________________ Jean Francois - JLF Sends... President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US Director Of Managed Services - OpNIX,Inc., www.opnix.com OpNIX - Simply Better Bandwidth