| VID |
17027 |
| Severity |
30 |
| Port |
111 |
| Protocol |
TCP,UDP |
| Class |
RPC |
| Detailed Description |
The RPC llockmgr service is running. The llockmgr is part of the file locking manager system for NFS. It generates local file locking operations in response to requests from client lock managers. The llockmgr service registers with the RPC portmapper as program 100020.
* References:
http://xforce.iss.net/xforce/xfdb/275 |
| Recommendation |
Disable the 'llockmgr' rpc service if your system is not acting as either an NFS client or server.
To disable the 'llockmgr' service :
1. Disable the 'llockmgr' service with root privileges as the following.
# rpcinfo -d [program num] [version num]
2. Disabled by commenting this service out in /etc/inetd.conf.
3. Restart the inetd daemon. (kill -HUP [inetd PID]).
Solaris 10, Solaris 11, Enterprise Linux 6.4, CentOS 6.4, Fedora 19:
1. you become a root, and then stop the service like the following:
# rpcinfo -d [program num] [version num]
2. comment its entry by putting a # at the beginning of the line with 'llockmgr' in /etc/rpc
3. # pkill -HUP (x)inetd |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
