The security consultant here would like me not to run the RPC portmapper. I suppose this is a known security issue, and I'm not actually using the services that depend on it.
It seems to be started in /etc/initd/netbase, but looking at that script, it's not obvious to me what the base way to disable it would be. Any advice or any pointers to where I could go and read? Jim
