The file /etc/rpc contains a list of network services. Typically, when a remote machine wants to connect to one of those services on your machine, it first issues a query to the rpcbind program running on your computer. It knows the name of the service it wants to connect to, but doesn’t know what port number to use. Your rpcbind will respond with a port number. The remote host will then attempt a connection to the specified port.
rpcbind is a service-name-to-port-number translator. In other Unix versions it’s usually called portmapper.
If there’s an /etc/rpc service you run that you want other hosts to be able to find on your machine, then those hosts must be able to speak to your rpcbind. The most commonly used services requiring remote access to rpcbind are NFS and NIS/NIS+.
So it might not be feasible to refuse all remote access to your rpcbind (though some people do just that). But it may be feasible to restrict access to, say, your department. It is certainly feasible in most cases to restrict access to the 128.192 subnet (effectively “the UGA campus”).
Note that blocking rpcbind doesn’t block access to the /etc/rpc services altogether. It does block access for those programs which do an rpcinfo query in order to reach those services. (This is conceptually analogous to the relationship between IP addresses and DNS.) It is standard to issue such a query; any /etc/rpc-service-using binary shipping with an OS should fall into this category. Happily, the “standard” statd, nlockmgr, cmsd, etc. vulnerability exploits also fall into this category.
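Because an rpcbind filter leaves the services themselves listening, it helps to know which ports would need the same source restriction. The following is an added example, not part of the original page: it parses `rpcinfo -p` output and lists every registered endpoint other than rpcbind itself. The sample output is constructed, the function names are hypothetical, and the "128.192 subnet" is assumed to mean 128.192.0.0/16.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of `rpcinfo -p` output; the port numbers are illustrative.
SAMPLE_RPCINFO = """\
   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    2   udp    111  rpcbind
    100024    1   udp  32772  status
    100021    4   tcp   4045  nlockmgr
    100003    3   udp   2049  nfs
    100068    5   udp  32775  cmsd
"""

RPCBIND_PROGRAM = 100000  # RPC program number of rpcbind/portmapper
# Assumption: the page's "128.192 subnet" read as a /16.
ALLOWED_NET = ipaddress.ip_network("128.192.0.0/16")


def parse_rpcinfo(text):
    """Return (program, version, proto, port, service) tuples."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        # Skip the header and anything that is not a registration line.
        if len(fields) < 4 or not fields[0].isdigit():
            continue
        service = fields[4] if len(fields) > 4 else "unknown"
        rows.append((int(fields[0]), int(fields[1]), fields[2], int(fields[3]), service))
    return rows


def directly_reachable(rows):
    """Map (proto, port) -> service names for everything except rpcbind."""
    # These ports answer whether or not the client asked rpcbind first.
    ports = defaultdict(set)
    for program, _vers, proto, port, service in rows:
        if program != RPCBIND_PROGRAM:
            ports[(proto, port)].add(service)
    return {key: sorted(names) for key, names in sorted(ports.items())}


def source_permitted(addr):
    """True if a client address falls inside the allowed network."""
    return ipaddress.ip_address(addr) in ALLOWED_NET


if __name__ == "__main__":
    print(directly_reachable(parse_rpcinfo(SAMPLE_RPCINFO)))
```

To audit a real host, pass the text of its own `rpcinfo -p` output to `parse_rpcinfo` in place of the sample.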