How do I make sure RPC Portmapper can't be used as a reflector in distributed reflected denial of service attacks?

This FAQ article explains how to make sure RPC Portmapper can't be used as a reflector in distributed reflected denial of service attacks.

We will show you the steps to block inbound UDP port 111 (the Portmapper port) in the commonly used firewalls.

  • Firewalld

firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" port port="111" protocol="udp" drop'

You will receive a "success" notification when successful. After that you will need to reload the firewall in order to activate the new rule:

firewall-cmd --reload

  • IPtables

When using iptables you can use the following command:

iptables -A INPUT -p udp --dport 111 -j DROP

You will need to reload the firewall in order to activate the new firewall rule. Save the rule first, because a restart reloads the saved rule set:

service iptables save
service iptables restart

Please note! If you are using Debian 6 or 7, iptables will not be running as a service by default (see this page for more info). In that case you can use the command "apt-get install iptables-persistent" to make this possible.
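
Because "iptables -A" appends the rule to the end of the INPUT chain, an earlier ACCEPT rule that also covers UDP port 111 still wins. The shell function below is an added example, not part of the original article: it reads `iptables -S INPUT` output and reports the first verdict that applies unconditionally to inbound UDP port 111. The name `udp111_verdict` and the sample rule set are constructed for illustration, and rules with extra match conditions (source, interface, state) are skipped as a simplification.

```shell
#!/bin/sh
# Added example: udp111_verdict is a hypothetical helper, not from the article.
# Reads `iptables -S INPUT` output on stdin and prints the verdict (ACCEPT,
# DROP or REJECT) of the first rule that matches inbound UDP port 111 with no
# further conditions, or the chain policy if no such rule exists.
udp111_verdict() {
  awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      proto = "any"; dport = "any"; target = ""; extra = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") { i++; proto = $i }
        else if ($i == "--dport") { i++; dport = $i }
        else if ($i == "-j") { i++; target = $i; break }
        else if ($i == "-m" && ($(i + 1) == "udp" || $(i + 1) == "tcp")) i++
        else extra = 1   # source, interface, state: not unconditional
      }
      if (extra) next
      if (proto != "any" && proto != "udp") next
      if (dport != "any") {
        # --dport may be a single port or a lo:hi range
        n = split(dport, r, ":")
        lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
        if (111 < lo || 111 > hi) next
      }
      if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
        print target; found = 1; exit
      }
    }
    END { if (!found) print (policy == "" ? "UNKNOWN" : policy) }
  '
}

# Constructed sample: a broad ACCEPT sits above the appended DROP,
# so the DROP rule for port 111 is never reached.
udp111_verdict <<'EOF'
-P INPUT ACCEPT
-A INPUT -p udp -m udp --dport 1:1023 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j DROP
EOF
```

On a live host, run `iptables -S INPUT | udp111_verdict`. Any result other than DROP or REJECT means the block rule is missing or shadowed by an earlier rule or the chain policy.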

  • Windows Firewall 2008 & 2012

Click Start and search for "firewall".

Click on "Windows Firewall with Advanced Security".

Go to "Inbound Rules" and right-click "Inbound Rules". Choose "New Rule".

Choose: "Port" and click "Next".

Afterwards choose "UDP" and insert port 111 at "Specific local ports". Click "Next".

Choose "Block the connection" and click "Next" twice.

Make sure your new firewall rule has a name and, optionally, a description.
