[706] in linux-security and linux-alert archive
Re: [linux-security] Denial of service in inetd
daemon@ATHENA.MIT.EDU (Alan Cox)
Tue May 7 13:09:17 1996
From: iialan@iifeak.swan.ac.uk (Alan Cox)
To: kit@connectnet.com (Kit Knox)
Date: Tue, 7 May 1996 09:57:45 +0100 (BST)
Cc: peterh@gem.co.za, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SOL.3.93.960504150233.2626B-100000@connectnet1> from "Kit Knox" at May 4, 96 03:03:46 pm
> These internal services can be abused in many other ways. UDP storms (to
> the echo port etc) come to mind. Everyone should disable these to begin
> with. I have no idea why the main distributions (redhat/slack/etc) decide
> to distribute these insecure distributions.
It depends how people view them. There are some nasties in the internal
services. By your argument we shouldnt include TCP (insecure, spoofable,
can be tripped into a network food fight with fake frames), IP is right
out because you can destroy the routing tables causing the same effects,
and running on a 386 or 486 CPU is out as they have security bugs
Having echo "off" by default would be a good move though.
Alan
