rpc.statd is a service which supports file locking in NFS. If you're not using NFS, get rid of this service as soon as possible. It has a bad history of remote root exploits. Do a google search on "rpc.statd" and "exploit" for the gory details. -- Carl Patten ----- Original Message ----- From: "Jamie Seeman" <jamie_seeman at securecomputing.com> To: <tclug-list at mn-linux.org> Sent: Tuesday, November 20, 2001 1:23 PM Subject: [TCLUG] Do I need "rpc.statd" > I've been working on tightening my box down, and I was wondering what > rpc.statd is and does. I found it listening on port(s): > > COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME > rpc.statd 619 root 4u IPv4 890 UDP *:795 > rpc.statd 619 root 5u IPv4 901 UDP *:1024 > rpc.statd 619 root 6u IPv4 904 TCP *:1024 (LISTEN) > > I did a man on rpc, but didn't help much. > > Thanks in advance, > > -- > Jamie Seeman > Secure Computing - Test Engineer > 651.628.5420 > > > > _______________________________________________ > Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota > http://www.mn-linux.org > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list >