[1576] in Release_7.7_team
nmap and patches patch release
daemon@ATHENA.MIT.EDU (John Hawkinson)
Wed Dec 30 10:09:07 1998
Date: Wed, 30 Dec 1998 10:09:02 -0500 (EST)
To: release-team@MIT.EDU
From: John Hawkinson <jhawk@MIT.EDU>
It would be nice if the patches patch release could do something about
the rather well-publicized (of late) kill-a-machine's-inetd-remotely
(with nmap) attack (affects Solaris; I don't know about IRIX).
I don't know what we could do that fits within our paradigm,
however. Sun hasn't released a patch for this problem yet
(though they are aware of it and have already assigned
two duplicate bugids to it, 4154509 and 4190945).
Relatively infeasible approaches include:

    Replacing inetd with
        sh -c '(while :; do inetd -sd > /dev/null 2>&1; done)&'

    Patching inetd to SIG_IGN SIGPIPE

    Move to the athena 8.3 inetd.

I suppose a feasible approach might be:

    Wait until the end of our window for such a patchrelease and
    hope Sun releases a patch by then.

Anyhow, none of these really make me happy, or fit within what I think
necessary constraints are.
Just trying to raise awareness...
--jhawk