back to article Hackers exploiting wide-open Portmap to amp up DDoS attacks

Security watchers have warned about a new class of DDoS amplification attack threat which only exists because too many users are failing to follow basic safeguards. Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the …

  1. Anonymous Coward
    Anonymous Coward

    RPF is most of the answer

    Isn't it?

    1. Gerhard Mack

      Re: RPF is most of the answer

      It is part of the answer. The other is that portmap is mainly required for NFS and NFS is not needed on most systems and in the case where it is needed, there is a lot of manual configuration needed anyhow so there is no reason to install portmap or NFS by default.

      I really don't understand why so many Linux distros install it even in a barebones install.

      1. Mike 16 Silver badge

        Re:(why?)

        -- I really don't understand why so many Linux distros install it [...] --

        Probably the same reason a "server" install (on a headless machine) of some mainstream distros includes a metric buttload of video-card drivers and other media-munging cruft. Either they can't be arsed to figure out what is useful or

        "I once left Hercules support off the install disk I made for my Gran, and caught hell"

        "Does your Gran run a rack full of headless Xeon servers?"

        "No, but she _MIGHT_!"

        1. P. Lee Silver badge
          Coat

          Re: why?)

          >"I once left Hercules support off the install disk I made for my Gran, and caught hell"

          Your gran is still running monochrome graphics on an IBM text-only screen?

          That is dedication to retro-computing!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019