Even today we see a lot of servers that have different services and ports open for rpc and this creates not only potential inward vulnerabilities but perhaps more common, the abuse of your network resources in reflective rpc queries.
To stop this problem, you should disable and remove all services relating to rpc or at least block all relevant ports for the service.
Surprisingly, there are still some providers and OS installs in Linux that install these services and leave them open. I've seen it cost companies up to thousands per month or more based on RPC being open and available which is then used in reflective DDOS.
rpcbind
rpcgssd
One common thing is that you may find servers with unexpectedly higher traffic than normal that cannot be attributed to the main applications running. It may be less obvious if it's a slight bump in traffic on already busy nodes, so look carefully and ensure your base images/containers are locked down.
bandwidth, disabling, reflective, rpc, queries, linux, centos, rhel, ubuntu, debianeven, servers, ports, creates, inward, vulnerabilities, disable, relating, relevant, surprisingly, providers, os, installs, install, ve, ddos, rpcbind, rpcgssd, unexpectedly, attributed, applications, slight, nodes, ensure, images, containers,