5.13. Securing RPC services (2024)

You should disable RPC if you do not need it.

Remote Procedure Call (RPC) is a protocol that programs can use to request services from other programs located on different computers. The portmap service controls RPC services by mapping RPC program numbers into DARPA protocol port numbers; it must be running in order to make RPC calls.

RPC-based services have a bad record of security holes, although the portmapper itself does not (it still provides information to a remote attacker, however). Note that some DDoS (distributed denial of service) attacks use RPC exploits to get into the system and act as a so-called agent/handler.

You only need RPC if you are using an RPC-based service. The most common RPC-based services are NFS (Network File System) and NIS (Network Information System). See the previous section for more information about NIS. The File Alteration Monitor (FAM) provided by the package fam is also an RPC service, and thus depends on portmap.

NFS services are quite important in some networks. If that is the case for you, then you will need to find a balance between security and usability for your network (you can read more about NFS security in the NFS-HOWTO, http://www.tldp.org/HOWTO/NFS-HOWTO.html (/usr/share/doc/HOWTO/en-txt/NFS-HOWTO.txt.gz)).

5.13.1. Disabling RPC services completely

Disabling portmap is quite simple. There are several different methods. The simplest one in a Debian 3.0 system and later releases is to uninstall the portmap package. If you are running an older Debian version you will have to disable the service as seen in Section 3.5.1, “Disabling daemon services”, because the program is part of the netbase package (which cannot be de-installed without breaking the system).

Notice that some desktop environments (notably, GNOME) use RPC services and need the portmapper for some of the file management features. If this is your case, you can limit the access to RPC services as described below.

5.13.2. Limiting access to RPC services

Unfortunately, in some cases removing RPC services from the system is not an option. Some local desktop services (notably SGI's fam) are RPC based and thus need a local portmapper. This means that in some situations, users installing a desktop environment (like GNOME) will install the portmapper too.

There are several ways to limit access to the portmapper and to RPC services:

  • Block access to the ports used by these services with a local firewall (see Section 5.14, “Adding firewall capabilities”).

  • Block access to these services using tcp wrappers, since the portmapper (and some RPC services) are compiled with libwrap (see Section 4.12, “Using tcpwrappers”). This means that you can block access to them through the hosts.allow and hosts.deny tcp wrappers configuration.

  • Since version 5-5, the portmap package can be configured to listen only on the loopback interface. To do this, edit /etc/default/portmap, uncomment the line #OPTIONS="-i 127.0.0.1", and restart the portmapper. This is sufficient to allow local RPC services to work while at the same time preventing remote systems from accessing them (see, however, Section 4.18.5, “Disabling weak-end hosts issues”).
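
The following script is an added example, not part of the original manual: it checks that the loopback and tcp wrappers restrictions above are actually in effect and lists any portmapper socket still reachable from the network. It assumes the tcp wrappers daemon name is portmap and that the portmapper uses its well-known port 111 (neither is stated on this page); the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the original manual): verify the restrictions above.
# Assumptions: wrappers daemon name "portmap"; portmapper on well-known port 111.

# True if the defaults file has an uncommented OPTIONS line binding to loopback.
portmap_loopback_only() {
    grep -Eq '^[[:space:]]*OPTIONS="[^"]*-i[[:space:]]+127\.0\.0\.1' "$1"
}

# True if hosts.deny refuses the portmap daemon (or ALL daemons) to ALL clients.
# "ALL EXCEPT ..." client lists are deliberately not counted as a full deny.
wrappers_deny_portmap() {
    grep -Eq '^[[:space:]]*(ALL|portmap)[[:space:]]*:[[:space:]]*ALL[[:space:]]*(:|$)' "$1"
}

# Reads `ss -tuln` output on stdin; prints port-111 sockets not bound to loopback.
exposed_rpc_listeners() {
    awk '$5 ~ /:111$/ && $5 !~ /^(127\.|\[::1\])/ { print $1, $5 }'
}

# --- constructed sample inputs (not taken from a real host) ---
tmp=$(mktemp -d)
printf '%s\n' '# portmap defaults' '#OPTIONS="-i 127.0.0.1"' > "$tmp/portmap.shipped"
printf '%s\n' '# portmap defaults' 'OPTIONS="-i 127.0.0.1"'  > "$tmp/portmap.hardened"
printf '%s\n' '# hosts.deny' 'portmap: ALL' > "$tmp/hosts.deny"
cat > "$tmp/ss.txt" <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:111      0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
EOF

for f in portmap.shipped portmap.hardened; do
    if portmap_loopback_only "$tmp/$f"; then echo "$f: loopback only"
    else echo "$f: OPTIONS line not active"; fi
done
wrappers_deny_portmap "$tmp/hosts.deny" && echo "hosts.deny: portmap denied"
echo "still exposed: $(exposed_rpc_listeners < "$tmp/ss.txt")"
rm -rf "$tmp"
```

On a live system, pass /etc/default/portmap and /etc/hosts.deny to the first two functions and pipe the output of ss -tuln into exposed_rpc_listeners; an empty result means no portmapper socket is bound to a non-loopback address.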


FAQs

How to secure RPC server? ›

The client and the server each have their own private key (sometimes called a secret key) which they use together with the public key to devise a common key. They use the common key to communicate with each other, by using an agreed-upon encryption/decryption function (such as DES).

What is service RPC services? ›

A Remote Procedure Call (RPC) is a software communication protocol that one program uses to request a service from another program located on a different computer and network, without having to understand the network's details.

Is it safe to disable RPC? ›

Microsoft recommends that you don't disable the RPC service.

Is RPC a security risk? ›

While XML-RPC offers simplicity and ease of use, it is important to know the security risks associated with its implementation. Vulnerability in XML-RPC allows an attacker to make a system call, which can be dangerous for the application and servers.

What is RPC server for? ›

What is RPC? A remote procedure call (RPC) is a protocol that allows different processes on a computer to communicate with each other to perform a task. An RPC server is unavailable error occurs when a Windows PC cannot communicate with another computer on the same network.

Is RPC over HTTP Secure? ›

RPC over HTTP provides three types of security in addition to standard RPC security, which results in RPC over HTTP traffic being protected once by RPC, and then doubly protected by the tunneling mechanism provided by RPC over HTTP.

How do I check my RPC service? ›

To check whether the RPC and WMI Services are running in the remote machine:
  1. In the remote machine, go to Start → Run → services.msc.
  2. Check whether the services Remote Procedure Call and Windows Management Instrumentation are running. If not, start those services.

What are the examples of RPC service? ›

Example Applications
  • Remote File access. Remote file and database access was one of the earliest uses of RPC. ...
  • Remote Graphics. ...
  • Remote software task management Load/Start/Control. ...
  • Other Examples.

What is RPC used for? ›

Remote Procedure Call (RPC) protocol is generally used to communicate between processes on different workstations. However, RPC works just as well for communication between different processes on the same workstation.

Is RPC a vulnerability? ›

Vulnerability Overview:

RPC is a communication method for calling and executing programs from other terminals connected to the network. CVE-2022-26809 is a remote code execution vulnerability in Microsoft RPC runtime and affects Windows.

Can you disable RPC service? ›

Limiting access to RPC services. Unfortunately, in some cases removing RPC services from the system is not an option. Some local desktop services (notably SGI's fam) are RPC based and thus need a local portmapper.

Do people still use RPC? ›

However, RPC still exists and is used when it suits the use case better. Modern implementations of RPC, such as gRPC, are now more popular. For some use cases, gRPC performs better than RPC and REST. It allows streaming client-server communications rather than the request-and-respond data exchange pattern.

What are the cons of RPC? ›

Disadvantages of RPC

RPC involves more coupling—its methods can be a leaky abstraction.

Is RPC a web service? ›

There are a few central types of web services: XML-RPC, UDDI, SOAP, and REST. XML-RPC (Remote Procedure Call) is the most basic XML protocol to exchange data between a wide variety of devices on a network. It uses HTTP to quickly and easily transfer data and communicate other information from client to server.

What is RPC authentication? ›

The authentication services on the server host system provide RPC authentication. Applications use authenticated remote procedure calls to ensure that all calls come from authorized clients. They can also help ensure that all server replies come from authenticated servers.

How do I secure my remote access server? ›

Basic Security Tips for Remote Desktop
  1. Use strong passwords. ...
  2. Use Two-factor authentication. ...
  3. Update your software. ...
  4. Restrict access using firewalls. ...
  5. Enable Network Level Authentication. ...
  6. Limit users who can log in using Remote Desktop. ...
  7. Set an account lockout policy.

How do I secure my public web server? ›

Key Steps to Make Your Web Server Secure
  1. Create strong passwords.
  2. Generate an SSH key pair.
  3. Keep your server updated.
  4. Use firewalls.
  5. Consider using Linux as your web server operating system.
  6. Limit superuser/root access.
  7. Utilize VPNs and private networks.
  8. Use a multi-server environment.

How do I secure my public facing server? ›

We recommend that you place it on a separate, protected subnetwork. This will ensure that traffic between the Internet and the server does not traverse any part of your private internal network and that no internal network traffic is visible to the server.

How do I make my server secure? ›

So, here's a checklist to make sure your server's security is not compromised in any way.
  1. Use local firewall rules. ...
  2. Think twice before sharing any data: ...
  3. Enforce a strong password policy. ...
  4. Create individual administrative accounts: ...
  5. SQL server instances: ...
  6. Windows updates: ...
  7. Always have a backup plan: ...
  8. Code it right:

Article information

Author: Frankie Dare
