關閉 111 rpcbind 埠

babyyellow發表於2022-09-15
RPC

111  埠  為 systemd  系統管理  固定的rpcbind  監聽服務埠。 


資料庫端沒有該服務需求,關閉埠。 




nmap localhost

Starting Nmap 6.40 (   ) at 2022-09-15 09:54 CST
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00015s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
3306/tcp open mysql
5666/tcp open nrpe
9100/tcp open jetdirect



netstat  -nlptu  


# netstat -tlnup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 31572/sshd
tcp 0 0 192.x.x.x:9505 0.0.0.0:* LISTEN 7180/sh
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 1532/nrpe
tcp6 0 0 :::9100 :::* LISTEN 7214/node_exporter
tcp6 0 0 :::3308 :::* LISTEN 7439/mysqld
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::22 :::* LISTEN 31572/sshd
tcp6 0 0 :::3306 :::* LISTEN 28430/mysqld
udp 0 0 0.0.0.0:111 0.0.0.0:* 10006/rpcbind
udp 0 0 0.0.0.0:853 0.0.0.0:* 10006/rpcbind
udp6 0 0 :::111 :::* 10006/rpcbind
udp6 0 0 :::853 :::* 10006/rpcbind



# lsof -p 10006
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 10006 rpc cwd DIR 253,0 4096 512 /
rpcbind 10006 rpc rtd DIR 253,0 4096 512 /
rpcbind 10006 rpc txt REG 253,2 61504 2384522 /usr/sbin/rpcbind
rpcbind 10006 rpc mem REG 253,2 62184 2106271 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 68192 2106359 /usr/lib64/ .1.0.6
rpcbind 10006 rpc mem REG 253,2 90664 2106338 /usr/lib64/ .1.2.7
rpcbind 10006 rpc mem REG 253,2 99944 2106362 /usr/lib64/ libelf-0.168.so
rpcbind 10006 rpc mem REG 253,2 402384 2106326 /usr/lib64/ .1.2.0
rpcbind 10006 rpc mem REG 253,2 19888 2106383 /usr/lib64/ .1.1.0
rpcbind 10006 rpc mem REG 253,2 15688 2106444 /usr/lib64/ .1.5
rpcbind 10006 rpc mem REG 253,2 58728 2291395 /usr/lib64/ .0.1
rpcbind 10006 rpc mem REG 253,2 88720 2097666 /usr/lib64/ .1
rpcbind 10006 rpc mem REG 253,2 19776 2106259 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 297328 2291305 /usr/lib64/ libdw-0.168.so
rpcbind 10006 rpc mem REG 253,2 111080 2106281 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 19384 2106395 /usr/lib64/ .0.10.0
rpcbind 10006 rpc mem REG 253,2 535064 2106398 /usr/lib64/ .11.8.2
rpcbind 10006 rpc mem REG 253,2 157424 2106341 /usr/lib64/ .5.2.2
rpcbind 10006 rpc mem REG 253,2 155744 2106335 /usr/lib64/ .1
rpcbind 10006 rpc mem REG 253,2 44448 2106283 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 1139680 2106261 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 20032 2106385 /usr/lib64/ .2.22
rpcbind 10006 rpc mem REG 253,2 113584 2106263 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 15848 2106345 /usr/lib64/ .2.1
rpcbind 10006 rpc mem REG 253,2 210768 2291387 /usr/lib64/ .3.1
rpcbind 10006 rpc mem REG 253,2 963504 2291393 /usr/lib64/ .3.3
rpcbind 10006 rpc mem REG 253,2 320768 2291383 /usr/lib64/ .2.2
rpcbind 10006 rpc mem REG 253,2 2127336 2106253 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 42520 2106482 /usr/lib64/ .0.7.6
rpcbind 10006 rpc mem REG 253,2 144792 2106279 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 176760 2292256 /usr/lib64/ .1.0.10
rpcbind 10006 rpc mem REG 253,2 164264 2106246 /usr/lib64/
rpcbind 10006 rpc mem REG 253,2 162560 2292356 /usr/lib64/ .0.6.0
rpcbind 10006 rpc 0u CHR 1,3 0t0 1028 /dev/null
rpcbind 10006 rpc 1u CHR 1,3 0t0 1028 /dev/null
rpcbind 10006 rpc 2u CHR 1,3 0t0 1028 /dev/null
rpcbind 10006 rpc 3u unix 0xffff88181b030400 0t0 18847 /var/run/rpcbind.sock
rpcbind 10006 rpc 4u IPv6 18849 0t0 TCP *:sunrpc (LISTEN)
rpcbind 10006 rpc 5u IPv4 18850 0t0 TCP *:sunrpc (LISTEN)
rpcbind 10006 rpc 6r REG 0,18 0 534692450 /run/rpcbind.lock
rpcbind 10006 rpc 7u sock 0,7 0t0 534718763 protocol: UDPv6
rpcbind 10006 rpc 8u IPv4 534724823 0t0 UDP *:sunrpc
rpcbind 10006 rpc 9u IPv4 534724824 0t0 UDP *:853
rpcbind 10006 rpc 10u IPv6 534724825 0t0 UDP *:sunrpc
rpcbind 10006 rpc 11u IPv6 534724826 0t0 UDP *:853



# netstat -tlnup systemctl list-unit-files --all |grep portmapper
# systemctl list-unit-files --all |grep portmapper
# cat /etc/services | grep -w 111
sunrpc 111/tcp portmapper rpcbind # RPC 4.0 portmapper TCP
sunrpc 111/udp portmapper rpcbind # RPC 4.0 portmapper UDP

.

# systemctl list-unit-files --all |grep portmapper
# systemctl list-unit-files --all |grep rpcbind
rpcbind.service indirect
rpcbind.socket enabled
rpcbind.target static


# systemctl stop rpcbind.socket
# systemctl disable rpcbind.socket
Removed symlink /etc/systemd/system/sockets.target.wants/rpcbind.socket.



# nmap localhost

Starting Nmap 6.40 (   ) at 2022-09-15 10:22 CST
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000030s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
3306/tcp open mysql
5666/tcp open nrpe
9100/tcp open jetdirect

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
# netstat -nlptu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 31572/sshd
tcp 0 0 192.x.x.x:9505 0.0.0.0:* LISTEN 21462/nail
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 1532/nrpe
tcp6 0 0 :::9100 :::* LISTEN 7214/node_exporter
tcp6 0 0 :::3308 :::* LISTEN 7439/mysqld
tcp6 0 0 :::22 :::* LISTEN 31572/sshd
tcp6 0 0 :::3306 :::* LISTEN 28430/mysqld




來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/133735/viewspace-2914748/,如需轉載,請註明出處,否則將追究法律責任。

相關文章