Sorry, I just noticed I replied to Chuck but forgot to CC the list.
Cheers,
Leandro
---------- Forwarded message ----------
From: Leandro Meiners <lmeiners@xxxxxxxxx>
Date: Mon, Jul 2, 2012 at 3:52 PM
Subject: Re: RPC rpcinfo command PATCH
To: Chuck Lever <chuck.lever@xxxxxxxxxx>
Hi,
Guess I did it to follow the same convention as clnt_com_create(), but
for no other particular reason. Basically it was useful because I used
it to determine that the firewall was not filtering UDP connections to
the portmapper (111/udp) but was filtering connections to the TCP
portmapper (111/tcp). This allowed me to enumerate the RPC services
running on the host and determine that the firewall was not blocking
everything it should.
Cheers,
Leandro.-
On Mon, Jul 2, 2012 at 3:43 PM, Chuck Lever <chuck.lever@xxxxxxxxxx> wrote:
>
> On Jul 2, 2012, at 10:32 AM, Leandro Meiners wrote:
>
>> Hi,
>>
>> I have written a patch for the rpcinfo command that allows querying
>> the port-mapper via UDP instead of TCP. I added a new parameter
>> (upper-case P) for this functionality. It was helpful for me during a
>> penetration test and I thought it might be worth adding to the
>> project.
>> Signed-off-by: Leandro Meiners <lmeiners@xxxxxxxxx>
>
> Instead of passing a string ("tcp") to pmapdump(), why not use IPPROTO_TCP and IPPROTO_UDP ?
>
> Can you say a little bit more about how UDP helped you?
--
Leandro Federico Meiners
--
Leandro Federico Meiners
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
