[CentOS] Securing RPC

Fri Jul 1 07:38:07 UTC 2016
Brian Mathis <brian.mathis+centos at betteradmin.com>

You need to set up a firewall (either a separate hardware box or iptables on
this server) that allows only those IPs you need to connect to those
ports.  You should never expose a service like this to the entire Internet.

~ Brian Mathis
@orev


On Fri, Jul 1, 2016 at 8:38 AM, Leon Vergottini <leonv at cornerstone.ac.za>
wrote:

> Dear Community
>
> I hope you are all doing well.
>
> Recently I have been receiving several complaints from our service
> provider.  Please see the complaint below:
>
> A public-facing device on your network, running on IP address
> XXX.XXX.XXX.XXX, operates an RPC port mapping service responding on UDP port
> 111 and participated in a large-scale attack against a customer of ours,
> generating responses to spoofed requests that claimed to be from the attack
> target.
>
> Please consider reconfiguring this server in one or more of these ways:
>
> 1. Adding a firewall rule to block all access to this host's UDP port 111
> at your network edge (it would continue to be available on TCP port 111 in
> this case).
> 2. Adding firewall rules to allow connections to this service (on UDP port
> 111) from authorized endpoints but block connections from all other hosts.
> 3. Disabling the port mapping service entirely (if it is not needed).
>
>
>
> Unfortunately, I cannot disable NFS which lies at the root of this
> problem.  In addition, I am struggling to find a proper tutorial of moving
> NFS from UDP over to TCP.
>
> May I kindly ask you to point me in a direction or provide me with ideas on
> how to nail this thing in the ....
>
> Kind Regards
> Leon
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
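
Brian's advice (allow only the IPs that need to reach the RPC ports, drop everyone else) as an added example, not code posted by anyone in this thread. The function below only prints iptables commands so they can be reviewed before being run as root; the addresses are RFC 5737 documentation ranges used as placeholders for the real NFS clients, and the port list assumes NFSv4 over 2049 only (mountd/statd/lockd use dynamic ports unless pinned, so they are not covered here).

```shell
#!/bin/sh
# Added example (not from the thread): emit iptables rules that allow the
# RPC portmapper (111/tcp+udp) and NFS (2049/tcp+udp) only from an
# explicit allow-list, then drop everything else aimed at those ports.
# Source addresses below are RFC 5737 documentation ranges (placeholders).

# Ports covered: the portmapper itself and the NFS server.
# Assumption: NFSv4 on 2049 only; rpc.mountd/statd/lockd are left out
# because they use dynamic ports unless pinned in /etc/sysconfig/nfs.
RPC_PORTS="111 2049"

# rpc_rules ALLOWED_SRC...  -> prints one iptables command per line.
# Nothing is executed, so the output can be reviewed first.
rpc_rules() {
    for port in $RPC_PORTS; do
        for proto in udp tcp; do
            # One ACCEPT per authorized client, in order.
            for src in "$@"; do
                printf 'iptables -A INPUT -p %s --dport %s -s %s -j ACCEPT\n' \
                    "$proto" "$port" "$src"
            done
            # Default deny for that port/protocol, after the accepts.
            # For udp/111 this is what stops rpcbind answering spoofed
            # requests from the rest of the Internet.
            printf 'iptables -A INPUT -p %s --dport %s -j DROP\n' "$proto" "$port"
        done
    done
}

# count_drops RULES -> number of DROP rules in a generated rule set,
# used as a sanity check that every port/protocol pair got a default deny.
count_drops() {
    printf '%s\n' "$1" | grep -c -- '-j DROP'
}

# Usage: review the output, then apply it as root, e.g.
#   rpc_rules 192.0.2.10 198.51.100.0/24 | sudo sh
rpc_rules 192.0.2.10 198.51.100.0/24
```

Rule order matters: the ACCEPT lines must be inserted before the DROP for the same port, which is why each port/protocol pair is emitted as a group. A spoofed request that forges an allow-listed source will still be answered, but the reply goes to that allow-listed host, not to an arbitrary victim, so the amplification complaint above is addressed even though UDP 111 stays open to the authorized clients.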