[689] in linux-security and linux-alert archive
[linux-security] Denial of service in inetd
daemon@ATHENA.MIT.EDU (Chris Farris)
Thu May 2 14:16:08 1996
From: Chris Farris <cfarris@iss.net>
To: linux-security@tarsier.cv.nrao.edu
Date: Thu, 2 May 1996 11:59:00 -0400 (EDT)
Cc: cfarris@phoenix.iss.net (Chris Farris),
mhw@phoenix.iss.net (Michael Warfield)
Reply-To: cfarris@iss.net
We have uncovered some potential problems with the time and daytime
services under inetd.

If you send these services the "SYN" packet and then reset the connection
before the connection is open, it will cause inetd to die completely.

This could be a fairly nasty denial of service attack if you use any of the
services in inetd, and a firewall may not protect you if the filter rules
do not filter out those packets.

I'd recommend everyone here comment out the TCP (stream) versions of these
services.
Chris
--
Chris Farris | Voice: (404)252-7270
Internet Security Systems, Inc. | Fax: (404)252-2427
Ste. 115, 5871 Glenridge Dr, | www: http://www.iss.net/
Atlanta, GA 30328 | Email: cfarris@iss.net
1st rule of computer security: What You Don't See Is What Gets You
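
The mitigation recommended in the message above, sketched as an added example that is not part of the original post: a filter that comments out the TCP (stream) `time` and `daytime` entries in an inetd.conf-style file and leaves the UDP (dgram) entries alone. The function names and the sample configuration are constructed for illustration; matching any protocol beginning with `tcp` is an assumption made to cover variants such as `tcp6`.

```shell
#!/bin/sh
# Added example: disable the TCP (stream) time and daytime services.
# Both functions read an inetd.conf-style file on stdin.
# Field layout: service  socket-type  protocol  wait-flag  user  server  [args]

# Write the config to stdout with the matching entries commented out.
disable_stream_time_services() {
    awk '
        # Blank lines and existing comments pass through unchanged.
        NF == 0 || $1 ~ /^#/ { print; next }
        # Active entry for time/daytime on a stream socket over TCP.
        ($1 == "time" || $1 == "daytime") && $2 == "stream" && $3 ~ /^tcp/ {
            print "#" $0
            next
        }
        { print }
    '
}

# Audit helper: print "service/protocol" for each entry that is still
# active; prints nothing when the file is clean.
list_active_stream_time_services() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }
        ($1 == "time" || $1 == "daytime") && $2 == "stream" && $3 ~ /^tcp/ {
            print $1 "/" $3
        }
    '
}

# Constructed sample input in the classic inetd.conf layout.
SAMPLE_CONF='# constructed sample inetd.conf
echo    stream  tcp nowait  root    internal
daytime stream  tcp nowait  root    internal
daytime dgram   udp wait    root    internal
time    stream  tcp nowait  root    internal
time    dgram   udp wait    root    internal
#time   stream  tcp nowait  root    internal
ftp     stream  tcp nowait  root    /usr/sbin/tcpd  in.ftpd'

# Run the filter over the sample so the result can be inspected.
harden_sample() {
    printf '%s\n' "$SAMPLE_CONF" | disable_stream_time_services
}

harden_sample
```

On a real host the output would be written to a temporary file, reviewed, moved into place, and inetd signalled with SIGHUP to reread its configuration.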