This indicates an attempt to use an RPC request to get the status of a remote machine. It does not contain any attack or exploit.
Risk
Low
Popularity
Low
Characteristic
Loss of productivity? Have disclosed vulnerability? Can bypass firewall policy? Contain built-in function for other purposes? Can communicate in clear text or via proxy? Can support file transfer? Can be misused? Can tunnel other apps?
Affected Applications
rpc.rstatd
Recommended Actions
The signature can be set to "BLOCK" if this type of traffic is against the network policy.