Currently, I am interested in RPC (remote procedure calls) running on different machines. What do you think: is running this service a "huge" security risks? I do not mean that any running service can be a security risk. My question goes in the direction of "what general attacks can be expected running such a service"? And what are the major goals of a potential attacker who find this service and what can he do in general? Furthermore, why is it sometimes necessary to run an rpc daemon instead of disable it? For what exactly is it required?
I also played around with the tool rpcinfo to get some more information about the remote machine.
I would kindly like to start a little discussion about this topic to learn what the community thinks about and to get more experiences with tools like rpcinfo, rpcclient, etc.