Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Networker] Strange portmap situation

2006-11-17 00:35:54
Subject: [Networker] Strange portmap situation
From: Stan Horwitz <stan AT TEMPLE DOT EDU>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Fri, 17 Nov 2006 00:28:48 -0500
This question pertains to the NetWorker 7.2.1 server that I run on Sun Solaris 9.
One of my colleagues informed me that one of his systems is receiving connection attempts from both IP addresses (dual network cards) from my NetWorker server, yet this particular system is not a NetWorker client. 

His log shows activity such as
Nov 16 17:59:40 temp1 portmap[7393]: connect from x.y.z.1 to callit (390109): request from unauthorized host Nov 16 17:59:40 temp1 portmap[7394]: connect from x.y.z.2 to callit (390109): request from unauthorized host Nov 16 17:59:40 temp1 portmap[7395]: connect from x.y.z.1 to callit (390109): request from unauthorized host Nov 16 17:59:40 temp1 portmap[7396]: connect from x.y.z.2 to callit (390109): request from unauthorized host Nov 16 17:59:43 temp1 portmap[7397]: connect from x.y.z.1 to callit (390109): request from unauthorized host Nov 16 17:59:43 temp1 portmap[7398]: connect from x.y.z.2 to callit (390109): request from unauthorized host Nov 16 17:59:43 temp1 portmap[7399]: connect from x.y.z.1 to callit (390109): request from unauthorized host Nov 16 17:59:43 temp1 portmap[7400]: connect from x.y.z.2 to callit (390109): request from unauthorized host 

Both this workstation and the NetWorker server are on the same subnet.
From what I can gather, it looks like NetWorker is port scanning to look for the usual NetWorker client RPC ports. But why is my NetWorker server scanning this particular system at all, and why is it looking at ports that NetWorker 
does not use, or is it?

How do I stop this scanning from happening?
I tried to research this info via google and EMC's web site, but all I could find was on Google and that told me there might be a security issue, but I suspect what is actually happening is the result of some misconfiguration, but finding the cause of this problem eludes me. Otherwise, this NetWorker server is working quite well.
If anyone has any suggestions on how I can troubleshoot this, please let me know. 

To sign off this list, send email to listserv AT listserv.temple DOT edu and type 
"signoff networker" in the
body of the email. Please write to networker-request AT listserv.temple DOT edu 
if you have any problems
wit this list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] Error backing up Windows box, Stan Horwitz
Next by Date:  Re: [Networker] Strange portmap situation, Stuart Whitby
Previous by Thread:  Re: [Networker] Directives - skip data but keep directory structu re in index, Werth, Dave
Next by Thread:  Re: [Networker] Strange portmap situation, Stuart Whitby
Indexes:  [Date] [Thread] [Top] [All Lists]