SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Pastimes : Computer Learning
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
To: mr.mark who wrote (8790)3/17/2000 9:19:00 PM
From: Tom Swift   of 110626
 
I got one of these the other day, I am up to 5 individual attacks in ~ 1 month.

Summary An intruder has attempted to access the Sun RPC (rpcbind, portmapper) service on your
system. This is probably during a sweep of millions of machines on the Internet, and is probably not targeting
your computer in particular.

Details

RPC (Remote Procedure Call) is a networking technology developed by Sun Microsystems. It is used on most
UNIX machines, and is a popular way of building networked applications. (Almost no Windows computers
run this form of RPC).

Its popularity translates into lots of programs that may have holes. Scanning for RPC is the first stage in
looking for those particular programs. If you had been running RPC on your system, then the next step
the intruder would take would be an RPC portmapper dump, which would list all the RPC programs on your
machine and tell the intruder if there are any he/she can exploit (use to break into your system).

Note: September, 1999

During this time, we have seen a dramatic rise in the number of scans for this port. This is due to the
rpc.cmsd overflow exploit. A vulnerability has been discovered in this RPC service, so hackers are scouring
the Internet looking for this service so they can exploit it to break into the system.

Is this serious?

For Windows users, this is not serious at all. The hacker is just scanning computers looking for a UNIX
system they can exploit.
Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2026 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News