> On Sat, 16 Feb 2002, joe bsd wrote:
> > I ran nmap against my netbsd machine.  I saw that
> > sunrpc service was open.  Is this a security risk?
>
> Maybe.

I want to expand on this. Just because some port is open doesn't mean it
is a "security risk". If you are asking if this particular daemon has has
an insecure protocol (like POP3) I don't know. If it the daemon itself has
security problems then, of course, they should be fixed. (Most likely it
doesn't have a security issue unless it is new or unknown.)

If you need a service but are worried about it, then use IPF and/or other
firewalls to help limit to your own trusted users.

   Jeremy C. Reed
   http://www.reedmedia.net/