The German CERT (Computer Emergency Response Team) has published a warning about increased attacks and abuse attempts that use the Portmapper service in a server.

This service is typically found on port 111 tcp/udp. In a standard CentOS 6 or 7 install, this port is used rpcbind.

The CERT warns that they’re seeing an increased amount of DDoS reflection attacks against that port. Should a compromise occur, the attackers could get access to available RPC services or network shares.

Make sure you don’t have openly accessible Portmapper services in any of your servers. A serious compromise might otherwise be possible.

Facebooktwittergoogle_plusredditpinterestlinkedinmail