Closing Port 111 (rpcbind)
The Issue
Port 111 (rpcbind service) was accessible from the internet. This creates two main risks:
- DDoS reflection attacks
- Network reconnaissance by attackers
The BSI regularly scans for such vulnerabilities and notifies providers automatically.
The Fix
Since my Proxmox Backup Server doesn’t need NFS functionality, simply disable rpcbind:
systemctl stop rpcbind.service
systemctl stop rpcbind.socket
systemctl disable rpcbind.service
systemctl disable rpcbind.socketVerify
Check the service is stopped:
systemctl status rpcbind.service
ss -tuln | grep :111