[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #VFJ-931752]: Does this affect the LDM at all?

This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.

  • Subject: [LDM #VFJ-931752]: Does this affect the LDM at all?
  • Date: Tue, 22 Sep 2015 15:47:55 -0600
Gilbert,

Your LDM should be OK.

> And this from our IT folks, hoping it doesn't break anything
> on my end:
> 
> --------------------------------------------------------------------------
> 
> Hi Everyone,
> 
> Happy Tuesday! We have run into something at DoIT that I wanted to pass
> along for consideration. We have noticed, and the outside world states it
> is an issue on the rise - exploitation of the Portmapper service TCP/UDP
> port 111. Various services inherently use portmapper to obtain the port
> assigned to an application prior to making the connection to the
> application. So - blocking port 111 can break things. Current best
> practices suggest only allowing 111 to traverse the "inside" network and
> block it from the outside.  Unfortunately, it is very difficult to tell
> who, what, and where people may be relaying on this from the outside.
> 
> Any feedback? Anyone know that blocking port 111 at the edge to the dark
> side of the moon will break things?
> ---------------------------------------------------------------------------
> 
> Gilbert


Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: VFJ-931752
Department: Support LDM
Priority: Normal
Status: Closed