When using Erlang programs like ejabberd, the Erlang port mapper daemon epmd is started and opens port 4369.
This port is accessible over the internet by default (only the most recent ejabberd versions allow configuring epmd to bind to localhost).
The ejabberd documentation recommends blocking this port via packet filter rules, and a comment in the Debian bug tracker calls this default behavior 'a nightmare from a security point of view'.
What is the worst case scenario when ejabberd is running and port 4369 is not blocked?
Say the firewall is misconfigured by accident, or something like that.
What would be the most evil thing an Erlang-fluent attacker could do over this port?
Under what user/privileges does epmd run on a Linux distribution (e.g. Debian/Ubuntu)?
You might find out the source/destination addresses and port number pairs of active connections between BEAMs. This may lead to DoS attacks on the inter-BEAM connections.
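To make concrete what an unauthenticated client on port 4369 can learn, here is an added example (not part of the answer above, and not ejabberd or OTP code) that speaks the two read-only epmd requests: NAMES_REQ (`n`), which returns every node name registered with that epmd together with its distribution listening port, and PORT_PLEASE2_REQ (`z`), which returns the port, node type, protocol and supported distribution versions for one named node. The wire format follows the Erlang distribution protocol documentation; the sample response bytes, the node names and the port numbers are constructed for the example and do not come from a real host. The `query_epmd` helper does a live TCP exchange and is only used when a host is given on the command line.

```python
"""Minimal epmd client: enumerate registered Erlang nodes and their ports.

Added example, not ejabberd/OTP code. Request and response layouts follow the
Erlang distribution protocol documentation (EPMD section).
"""
import re
import socket
import struct
import sys

EPMD_PORT = 4369
NAMES_REQ = 110          # 'n': list all registered nodes
PORT_PLEASE2_REQ = 122   # 'z': look up one node by name
PORT2_RESP = 119         # 'w': response tag for PORT_PLEASE2_REQ


def _frame(payload: bytes) -> bytes:
    """Every epmd request is prefixed with a 2-byte big-endian length."""
    return struct.pack(">H", len(payload)) + payload


def build_names_request() -> bytes:
    return _frame(bytes([NAMES_REQ]))


def build_port_please2_request(node_name: str) -> bytes:
    return _frame(bytes([PORT_PLEASE2_REQ]) + node_name.encode())


# NAMES_RESP body: 4-byte epmd port, then one "name <node> at port <port>\n" per node.
_NAME_LINE = re.compile(rb"^name (.+) at port (\d+)$")


def parse_names_response(data: bytes):
    """Return (epmd_port, [(node_name, dist_port), ...])."""
    if len(data) < 4:
        raise ValueError("short NAMES_RESP")
    (epmd_port,) = struct.unpack(">I", data[:4])
    nodes = []
    for line in data[4:].split(b"\n"):
        if not line:
            continue
        m = _NAME_LINE.match(line)
        if m is None:
            raise ValueError("unexpected NAMES_RESP line: %r" % line)
        nodes.append((m.group(1).decode(), int(m.group(2))))
    return epmd_port, nodes


def parse_port_please2_response(data: bytes):
    """Return a dict describing the node, or None if epmd reports 'not found'."""
    if len(data) < 2 or data[0] != PORT2_RESP:
        raise ValueError("not a PORT2_RESP")
    if data[1] != 0:          # non-zero Result means the name is not registered
        return None
    port, node_type, proto, high, low, nlen = struct.unpack(">HBBHHH", data[2:12])
    name = data[12:12 + nlen].decode()
    (elen,) = struct.unpack(">H", data[12 + nlen:14 + nlen])
    extra = data[14 + nlen:14 + nlen + elen]
    return {"port": port, "node_type": node_type, "protocol": proto,
            "highest_version": high, "lowest_version": low,
            "name": name, "extra": extra}


def query_epmd(host: str, request: bytes, port: int = EPMD_PORT, timeout: float = 5.0) -> bytes:
    """Send one request; epmd answers and closes the socket, so read until EOF."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return b"".join(chunks)


# Constructed sample responses (not captured from a real server).
SAMPLE_NAMES_RESP = (struct.pack(">I", EPMD_PORT)
                     + b"name ejabberd at port 44189\n"
                     + b"name ctl-ejabberd-1 at port 44203\n")
SAMPLE_PORT2_RESP = (bytes([PORT2_RESP, 0])
                     + struct.pack(">HBBHHH", 44189, 77, 0, 6, 5, len(b"ejabberd"))
                     + b"ejabberd" + struct.pack(">H", 0))


if __name__ == "__main__":
    if len(sys.argv) > 1:   # live lookup against the host given on the command line
        raw = query_epmd(sys.argv[1], build_names_request())
    else:                   # offline demonstration on the constructed sample
        raw = SAMPLE_NAMES_RESP
    epmd_port, nodes = parse_names_response(raw)
    print("epmd listens on", epmd_port)
    for name, dist_port in nodes:
        print("  node %-20s distribution port %d" % (name, dist_port))
    print(parse_port_please2_response(SAMPLE_PORT2_RESP))
```

Run it with no arguments to see the parsers applied to the constructed sample, or with a host name to query a live epmd. What comes back is the registered node names and the ports on which those BEAMs accept distribution connections; the distribution port itself still requires the Erlang cookie, so the read-only requests are an information-disclosure and targeting aid rather than code execution by themselves. Restricting epmd to the loopback interface (the `ERL_EPMD_ADDRESS` environment variable or epmd's `-address` option) removes this exposure regardless of the packet filter.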