Internet-Security.com TCP port 32768 details

Unix/Linux ONC RPC services used with NFS (notably rpc.statd/NSM, rquotad, and sometimes rpc.mountd from nfs-utils) are often observed listening on TCP port 32768 on older distributions when RPC high ports aren’t explicitly pinned (e.g., many RHEL/CentOS 4–6 and SLES 10/11 deployments, and some NAS appliances).
In practice, administrators and default configs historically placed these RPC daemons in the 32765–32768 range, making TCP/32768 a common sight on legacy NFS servers.
Exploitation history: rpc.statd had widely abused remote overflow bugs (for example, CVE-2000-0666), and worms like Ramen and Lion located the service via rpcbind (111) and then connected to its assigned high port—often 32768—to gain root access.

TCP 32768