Panosnet.com

Disable portmapper services in centos 7 (rpcbind)

PortMapper service runs in port TCP and UDP 111 and provides RPC (Remote Procedure Calls) like NFS mounts.

Portmapper service that can be accessed from the Internet can be exploited by an attacker to perform DDoS attacks. An attacker can gain information about your network, e.g. existing network shares or running RPC services. RPC stands for remote procedure call.

To get the list of RPC services running on your server, you can use the following command:
[root@server ~]# rpcinfo -p

In order to stop the RPC services:
[root@server ~]# systemctl stop rpcbind

[root@server ~]# systemctl stop rpcbind.socket

you can check now with rpcinfo -p to confirm that services are not running.

To disable completely the service and prevent it from restarting after reboots, you can disable the service using the below command.

[root@server ~]# systemctl disable rpcbind

Now you can restart your server and confirm that it is not running by using the rpcinfo -p command.

Stay safe!

Exit mobile version