The Portmap service is used to map RPC services to ports they are listening on. RPC processes notify Portmap when they start, registering the ports they are listening on and the RPC program numbers they expect to serve.
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/s2-nfs-methodology-portmap
While the service is useful for NFS, it is also commonly used by attackers for Denial of Service attacks, potentially crippling systems through the use of public-facing Portmap services.
If you are not using NFS services on your cPanel server, it may be beneficial to disable the Portmap service to improve security.
To test if the Portmap service is enabled on your system, run the below command:
rpcinfo -T udp -p YOUR_IP_ADDRESS
You should see output similar to this:
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
To disable the Portmap service on CentOS 7 systems:
systemctl disable rpcbind
systemctl disable rpcbind.socket
systemctl stop rpcbind
systemctl stop rpcbind.socket
To verify the service is disabled, systemctl list-unit-files
should list "disabled" next to the entries:
rpcbind.service disabled
rpcbind.socket disabled
rpcbind.target static