[705] in linux-security and linux-alert archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [linux-security] Denial of service in inetd

daemon@ATHENA.MIT.EDU (Kit Knox)
Sun May 5 14:19:20 1996

Date: Sat, 4 May 1996 15:03:46 -0700 (PDT)
From: Kit Knox <kit@connectnet.com>
To: Peter Henning <peterh@gem.co.za>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <3189A696.348AFBC0@gem.co.za>

On Fri, 3 May 1996, Peter Henning wrote:

> Does anyone know whether xinetd is vulnerable to the same sort of attacks?
> If not, it should be considered as a more secure inetd replacement.
> Unfortunately the configurations files are slightly different.

These internal services can be abused in many other ways.  UDP storms (to
the echo port etc) come to mind.  Everyone should disable these to begin
with.  I have no idea why the main distributions (redhat/slack/etc) decide
to distribute these insecure distributions.

+-----------------------------------------+
| Kit Knox - System Administrator         |
| CONNECTnet - http://www.connectnet.com/ |    
+-----------------------------------------+


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[705] in linux-security and linux-alert archive

Re: [linux-security] Denial of service in inetd

daemon@ATHENA.MIT.EDU (Kit Knox)Sun May 5 14:19:20 1996

daemon@ATHENA.MIT.EDU (Kit Knox)
Sun May 5 14:19:20 1996