Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)
From: newsham () aloha net (Timothy Newsham)
Date: Thu, 13 Apr 1995 12:59:40 -1000 (HST)

Yes.  Blocking port 111 is not enough; it is far too easy to just fire
NIS requests at every port number in the appropriate range - there are
only a few thousand of them.  If you're running a mostly stock setup,
one can almost predict the port NIS will use a priori.

Its very easy to scan for services using RPC since they respond
in a uniform manner to RPC formatted packets that you send
to them.  You can scan a large range of udp ports in a relatively
small amount of time.  The RPC daemon will also respond in
a particular way if you give it the right program number so
you can go through a list of well known program numbers and
determine which service is on a port once you know a port
is talking RPC.

                                      der Mouse
                          mouse () collatz mcrcim mcgill edu

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]