RPC

• Turn off or remove any RPC service
Install the latest patches
Regularly search the vendor patch database
Block the RPC port (111) on firewall / router
Block the RPC ¡±loopback¡± ports (32770-32789 TCP & UDP)
Enable a non-excutable stack
NFS exported file systems
    - Use host/IP based export lists
    - Setup exported file systems for read-only or no-suid
    - Use nfsbug to scan for vulnerabilities