Follow us on Twitter!
It is never to LATE to become what you never WERE.
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 24
Members Online: 7

Registered Members: 82881
Newest Member: DARKLECTER
Latest Articles
View Thread

HellBound Hackers | HellBound Hackers | Questions

Author

RPC - risks or vulnerable?

bruxa
Member

Your avatar

Posts: 14
Location:
Joined: 02.07.08
Rank:
Newbie
Posted on 12-03-10 15:25
Hi all,
Currently, I am interested in RPC (remote procedure calls) running on different machines. What do you think: is running this service a "huge" security risks? I do not mean that any running service can be a security risk. My question goes in the direction of "what general attacks can be expected running such a service"? And what are the major goals of a potential attacker who find this service and what can he do in general? Furthermore, why is it sometimes necessary to run an rpc daemon instead of disable it? For what exactly is it required?

I also played around with the tool rpcinfo to get some more information about the remote machine.
I would kindly like to start a little discussion about this topic to learn what the community thinks about and to get more experiences with tools like rpcinfo, rpcclient, etc.

Thank for answering
bruxa

Author

RE: RPC - risks or vulnerable?

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 12-03-10 23:24
Homework much?



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net
Author

RE: RPC - risks or vulnerable?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-03-10 13:28
No body cares, please come back when you have an even remotely interesting question.


Author

RE: RPC - risks or vulnerable?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-03-10 15:49
There's loads of information on RPC all over the Internets.

For defense, Google "rpc security".
For offense, Google "rpc attack".

Read some, then refine your search based upon what you've learned about or seen as buzzwords.


Author

RE: RPC - risks or vulnerable?

bruxa
Member

Your avatar

Posts: 14
Location:
Joined: 02.07.08
Rank:
Newbie
Posted on 14-03-10 19:40
aehhhh, you are right! Google should mostly always asked as fist....
Author

RE: RPC - risks or vulnerable?


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 15-03-10 16:31
Ahh, the cynicism is in the air...


Author

RE: RPC - risks or vulnerable?

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 15-03-10 16:40
cyb3rl0rd1867 wrote:
Ahh, the cynicism is in the air...

No.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net