Save money on bandwidth by disabling reflective rpc queries in Linux CentOS RHEL Ubuntu Debian

Even today we see a lot of servers that have different services and ports open for rpc and this creates not only potential inward vulnerabilities but perhaps more common, the abuse of your network resources in reflective rpc queries.

To stop this problem, you should disable and remove all services relating to rpc or at least block all relevant ports for the service.

Surprisingly, there are still some providers and OS installs in Linux that install these services and leave them open.  I've seen it cost companies up to thousands per month or more based on RPC being open and available which is then used in reflective DDOS.

Disable these services relating to RPC to stop the abuse:

rpcbind
rpcgssd

One common thing is that you may find servers with unexpectedly higher traffic than normal that cannot be attributed to the main applications running.  It may be less obvious if it's a slight bump in traffic on already busy nodes, so look carefully and ensure your base images/containers are locked down.


Tags:

bandwidth, disabling, reflective, rpc, queries, linux, centos, rhel, ubuntu, debianeven, servers, ports, creates, inward, vulnerabilities, disable, relating, relevant, surprisingly, providers, os, installs, install, ve, ddos, rpcbind, rpcgssd, unexpectedly, attributed, applications, slight, nodes, ensure, images, containers,

Latest Articles

  • FreePBX 17 How To Add a Trunk
  • Docker Container Onboot Policy - How to make sure a container is always running
  • FreePBX 17 How To Add Phones / Extensions and Register
  • Warning: The driver descriptor says the physical block size is 2048 bytes, but Linux says it is 512 bytes. solution
  • Cisco How To Use a Third Party SIP Phone (eg. Avaya, 3CX)
  • Cisco Unified Communication Manager (CUCM) - How To Add Phones
  • pptp / pptpd not working in DD-WRT iptables / router
  • systemd-journald high memory usage solution
  • How to Install FreePBX 17 in Linux Debian Ubuntu Mint Guide
  • How To Install Cisco's CUCM (Cisco Unified Communication Manager) 12 Guide
  • Linux Ubuntu Redhat How To Extract Images from PDF
  • Linux and Windows Dual Boot Issue NIC Won't work After Booting Windows
  • Cisco CME How To Enable ACD hunt groups
  • How to install gns3 on Linux Ubuntu Mint
  • How to convert audio for Asterisk .wav format
  • Using Cisco CME Router with Asterisk as a dial-peer
  • Cisco CME How To Configure SIP Trunk VOIP
  • Virtualbox host Only Network Error Failed to save host network interface parameter - Cannot change gateway IP of host only network
  • Cisco CME and C7200 Router Testing and Learning Environment on Ubuntu 20+ Setup Tutorial Guide
  • Abusive IP ranges blacklist