How to secure Portmapper with NFS?

R

Razva

Member
Aug 30, 2012
16
1
3
cPanel Access Level
Root Administrator
Hello,

The best way to secure a server agains Portmapper vulns/scans/ddos is to basically stop and disable the service. Unfortunately this will render NFS unusable which, in my case, is a no-go.

What is the best solution in this case?

Thank you,
Razvan
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,258
463
Hello,

You may need to enable the service and restrict it with iptables firewall rules. However, keep in mind this is unsupported and more of an OS-related topic that's better answered on a website such as Stackoverflow or the CentOS forums. Here's a third-party URL you may find helpful:

iptables rules for nfs

Additionally, keep in mind that using NFS on a cPanel & WHM environment is unsupported at this time.

Thank you.
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,258
463
Hello,

The "rpcbind" package isn't required unless you utilize NFS mounts on the server. No other cPanel & WHM functionality relies on it. I recommend posting on Stackoverflow or the CentOS forums for more feedback on alternatives to protect against attacks against the PortMapper service when using a NFS mount.

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
leonep LFD wp-toolkit whitelist commands in /var/log/secure Security 1
S SOLVED whm showing not secure Security 3
K In Progress CPANEL-37526 - SECURED_DOMAIN_DCV_FAILURE: One or more currently-secured domains failed DCV. Security 6
A Secure Server From DDos Attacks via CSF Security 2
T Should I secure my cpanel Security 3
Similar threads
LFD wp-toolkit whitelist commands in /var/log/secure
SOLVED whm showing not secure
In Progress CPANEL-37526 - SECURED_DOMAIN_DCV_FAILURE: One or more currently-secured domains failed DCV.
Secure Server From DDos Attacks via CSF
Should I secure my cpanel
Top Bottom