echo: rberrypi
to: ROGER+CSRP201803@NOSPAM.F
from: FRED SMITH
date: 2018-03-12 23:09:00
subject: Re: rkhunter hidden ports

Roger Bell_West  wrote:

> On 2018-03-08, Fred Smith wrote:
> >Port number: UDP:111 is being used by /sbin/rpcbind
> >Port number: UDP:964 is being used by /sbin/rpcbind
>
> Needed for NFS, mostly. You can turn it off. http://lmgtfy.com/?q=rpcbind

OK, thanks:

sudo systemctl stop  rpcbind.service
sudo systemctl stop  rpcbind.socket
sudo systemctl stop  rpcbind.target
sudo systemctl disable rpcbind
sudo systemctl disable rpcbind.socket
sudo systemctl disable rpcbind.target

> >Port number: UDP:123 is being used by /usr/sbin/ntpd
>
> ntpd is good.
>
> >Port number: UDP:38243 is being used by /usr/bin/transmission-daemon
> >Port number: UDP:51413 is being used by /usr/bin/transmission-daemon
>
> Bittorrent client.

Yes, I've been running both for years, but this is
the first time it's come up in rkhunter output.

> >Port number: UDP:5353 is being used by /usr/sbin/avahi-daemon
> >Port number: UDP:60282 is being used by /usr/sbin/avahi-daemon
>
> Completely dispensable. http://lmgtfy.com/?q=avahi

OK, thanks:

sudo systemctl disable avahi-daemon
sudo systemctl disable avahi-daemon.socket
sudo systemctl stop  avahi-daemon
sudo systemctl stop  avahi-daemon.socket

and reboot and run rkhunter again.  The rpcbind and
avahi-daemon ports have disappeared from the output.

> >Port number: UDP:68 is being used by /sbin/dhcpcd5
>
> Is this machine meant to be a DHCP _server_?

Definitely not *meant* to be. Where do I configure
that?

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)

SOURCE: echomail via QWK@docsplace.org
