[5721] in bugtraq
Re: Linux inetd..
daemon@ATHENA.MIT.EDU (G P R)
Tue Dec 2 11:11:00 1997
Date: Mon, 1 Dec 1997 23:20:10 -0800
Reply-To: route@RESENTMENT.INFONEXUS.COM
From: G P R <route@RESENTMENT.INFONEXUS.COM>
X-To: mood@INVALID.ORG
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.971130141646.23885A-100000@invalid> from "moOd" at
Nov 30, 97 02:19:50 pm
[moOd]
|
| Description:
|
| I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
| when port 13 (daytime) / port 37 (time) is "half-open scanned"..
This sounds a lot like the antiquated SYN, RST DoS problem older Linux
inetds were vulnerable to. Send a SYN to an internal service, and
immediately follow it up with a RST packet. inetd would become unstable
and die after the next connection.
| I'm not skilled enough to write the code-piece for you to test this out,
| but most of the new portscanner include this type of scanning method.
| (scantcp 1.32, sirc, etc.)
Phrack 49-07, the `Vengeance` module.
ftp://www.phrack.com/pub/phrack/phrack49.zip
Be warned. It is ugly, ugly code. At any rate, I was led to believe
that this problem was fixed ages ago in some netkit rev that escapes me.
--
temptation is worthless, suffering is the coin of the realm
