{"id":23500,"date":"2022-05-29T09:45:23","date_gmt":"2022-05-29T09:45:23","guid":{"rendered":"https:\/\/irancld.com\/%d8%b1%d9%81%d8%b9-%d8%a7%d8%a8%db%8c%d9%88%d8%b3-accessible-portmapper-%d9%87%d8%aa%d8%b2%d9%86%d8%b1-%d8%aa%d9%88%d8%b6%db%8c%d8%ad\/"},"modified":"2024-03-14T13:06:53","modified_gmt":"2024-03-14T14:06:53","slug":"%d8%b1%d9%81%d8%b9-%d8%a7%d8%a8%db%8c%d9%88%d8%b3-accessible-portmapper-%d9%87%d8%aa%d8%b2%d9%86%d8%b1-%d8%aa%d9%88%d8%b6%db%8c%d8%ad","status":"publish","type":"post","link":"https:\/\/www.novinhost.org\/%d8%b1%d9%81%d8%b9-%d8%a7%d8%a8%db%8c%d9%88%d8%b3-accessible-portmapper-%d9%87%d8%aa%d8%b2%d9%86%d8%b1-%d8%aa%d9%88%d8%b6%db%8c%d8%ad\/","title":{"rendered":"Resolving the Hetzner accessible Portmapper abuse report + complete tutorial"},"content":{"rendered":"
Tutorial on resolving the accessible Portmapper abuse report:<\/strong> If you use a virtual server<\/a> or dedicated server<\/a> at the popular Hetzner datacenter, you will probably receive a message titled Openly accessible Portmapper services. In this post we explain how to resolve this abuse report. Stay with Novin Host.<\/p>\n <\/p>\n We received a security alert from the German Federal Office for Information Security (BSI).<\/span> ….<\/p>\n > Sehr geehrte Damen und Herren,<\/span> …<\/p>\n > Dear Sir or Madam,<\/span> The portmapper, or RPCbind, service is used for mounting remote Network File System (NFS) file resources.<\/p>\n If this service is publicly accessible 
(check with the command rpcinfo -T udp -p 192.168.45.67), it can be used to launch attacks against other machines.<\/p>\n This service is open by default on Linux servers such as CentOS, and since the tool no longer sees much use, you can simply disable the service.<\/p>\n To do so, enter the following commands at your Linux command line:<\/p>\n chkconfig rpcbind off<\/strong><\/p>\n service rpcbind stop<\/strong><\/p>\n After running the second command you should see the following output:<\/p>\n Stopping 
rpcbind: [ OK ]<\/strong><\/p>\n Following the rule “never leave a port open without a reason”, you should block port 111, which this service uses. If the iptables firewall is installed on your server, use the commands<\/p>\n \/sbin\/iptables -A INPUT -p udp --destination-port 111 -j DROP<\/strong><\/p>\n \/sbin\/iptables -A INPUT -p tcp --destination-port 111 -j DROP<\/strong><\/p>\n to block this port.<\/p>\n If a specific IP needs access to this port, run the command<\/p>\n iptables -I INPUT -p tcp -s 10.1.1.2 --dport 111 -j ACCEPT<\/strong><\/p>\n before the two commands above to let the IP in question (10.1.1.2 in this case) 
through.<\/p>\n Resolving the offene ldap server abuse report<\/a><\/p>\n Resolving the ms sql browser service abuse report<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Tutorial on resolving the accessible Portmapper abuse report: If you use a virtual server or dedicated server at the popular Hetzner datacenter, you will probably receive a message titled Openly accessible Portmapper services. In this post we explain how to resolve this abuse report. Stay with Novin Host. 
A sample of the accessible Portmapper abuse report sent by Hetzner: We … Read more<\/a><\/p>\n","protected":false},"author":7,"featured_media":4437,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[20],"tags":[],"acf":[],"yoast_head":"\nA sample of the accessible Portmapper abuse report sent by Hetzner:<\/h2>\n
Please see the original report included below for details.<\/span><\/p>\n
><\/span>
> der Portmapper-Dienst (portmap, rpcbind) wird ben\u00f6tigt, um<\/span>
> RPC-Anfragen einem Dienst zuzuordnen. Der Portmapper-Dienst wird<\/span>
> u.a. f\u00fcr Netzwerkfreigaben \u00fcber das Network File System (NFS)<\/span>
> ben\u00f6tigt. Der Portmapper-Dienst verwendet Port 111 tcp\/udp.<\/span><\/p>\n
><\/span>
> the Portmapper service (portmap, rpcbind) is required for mapping RPC<\/span>
> requests to a network service. The Portmapper service is needed e.g.<\/span>
> for mounting network shares using the Network File System (NFS).<\/span>
> The Portmapper service runs on port 111 tcp\/udp.<\/span><\/p>\nCommands and instructions<\/h3>\n
Related links:<\/h3>\n