
RPC Settings
RPC Info: Enables RPC scans and basic RPC tests. This must be selected for all other
RPC tests to run. All RPC services found through the portmapper or the RPC port
scan are reported. The following services are flagged as vulnerable if they
are detected:
Scan all if portmapper found: Tests all known RPC ports for services in addition to those identified by
the portmapper.
Check Ruser: Attempts to obtain user information from the ruser daemon. See
NIS Check: Performs checks on the NIS service. See
Rstat Check: Tests if the rstat service is running. See
RPC/NIS Update Check: Attempts to execute commands with NIS. See
Selection Service Check: Determines if the selection service can obtain critical files. See
RPC pcnfsd Check: Attempts to execute commands through pcnfsd. Warning - this check may disable the PCNFSD service. See
Boot Parameter Check: Tests if the bootp service is running. This service can allow NIS to be
compromised. See
Full Domain Guess: This option instructs the Intranet Scanner program to parse all the trusted
host names. That is, the scanner attempts to use permutations of the host names
to make password guesses. When this option is not enabled, the scanner uses
permutations only of the host name of the machine being scanned.
RPC Statd Check: Attempts to create a file using statd. See
NIS Domain Name: The domain name that is guessed by the NIS Domain Name scan. If this is
guessed, it represents a serious breach. An intruder can use NIS to obtain password
files and other critical information. See