GEN:SID 1:1281
Message RPC portmap listing UDP 32771
Summary This event is generated when an attempt is made dump entries from the portmapper on a Solaris host.
Impact Information disclosure.  This request can discover what Remote Procedure Call (RPC) services are offered and on what ports they listen.
Detailed Information The portmapper service registers all RPC services on UNIX hosts.  It can be queried for all RPC services running, the RPC program name and version, the protocol (TCP or UDP), and the port where the service listens.  This can provide an attacker with valuable information about which RPC services are offered and on which ports.
Affected Systems All hosts running portmapper.
Attack Scenarios An attacker can query the portmapper to discover RPC services and their associated listening ports.
Ease of Attack Simple.
Corrective Action Limit remote access to RPC services.

Filter RPC ports at the firewall to ensure access is denied to RPC-enabled machines.

Disable unneeded RPC services.
Additional References Arachnids:
http://www.whitehats.com/info/IDS429

Rule References arachnids: 429