[ale] rlzdbase ???

Geoffrey esoteric at 3times25.net
Fri Aug 23 14:24:53 EDT 2002 



Jerry Z. Yu wrote:
> quote from a port faq
> at 
> http://www.bismark.it/gnomixland/phpscript/pagina.php?sezioni=Sicurezza&link=faqfirewall.htm#1.1
> <quote>
> Linux mountd bug. This is a popular bug that people are scanning for. Most 
> scans on this port are UDP-based, but they are increasingly TCP-based 
> (mountd runs on both ports simultaneously). Note that mountd can run at 
> any port (for which you must first do a portmap lookup at port 111), it's 
> just that Linux defaulted to port 635 in much the same way that NFS 
> universally runs at port 2049.

Okay, I figured it out.  Thanks for the info, although I'd expect a more 
reasonable comment in /etc/services.

Yesterday when I accidentally deleted those files I posted earlier, they 
resided on a filesystem that is also an nfs share.  So, to umount the 
filesystem, I had to shutdown nfs.  I then attempted to remount the 
share to another machine before I restarted NFS.  I just ran through the 
same scenario and sure enough, same alert.

Thanks for the info.

> </quote>
> 
>  On Fri, 23 Aug 2002, Geoffrey wrote:
> 
> #Okay, just got an attack alert from portsentry identifying one of my own 
> #machines with attacking my primary box at port 635 which is identified 
> #as rlzdbase in /etc/services.  So, following a completely useless search 
> #on google, WTH is rlzdbase service and what's it's purpose??
> #
> #-- 
> #Until later: Geoffrey		esoteric at 3times25.net
> #
> #I didn't have to buy my radio from a specific company to listen
> #to FM, why doesn't that apply to the Internet (anymore...)?
> #
> #
> #---
> #This message has been sent through the ALE general discussion list.
> #See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> #sent to listmaster at ale dot org.
> #
> 
> Jerry Z. Yu					+1-404-487-8544 (O)
> systems engineer				z.yu at voicecom.com
> is support, voicecom, llc			www.voicecom.com
> 
> 


-- 
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list