[7990] in bugtraq
Re: Tcpwrapper 7.6 - feature -
daemon@ATHENA.MIT.EDU (Niall Smart)
Sun Sep 20 00:48:58 1998
Date: Sun, 20 Sep 1998 01:22:42 +0000
Reply-To: rotel@indigo.ie
From: Niall Smart <rotel@INDIGO.IE>
X-To: Gigi Sullivan <sullivan@SECLAB.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSI.4.02A.9809191820160.24118-100000@rogue.seclab.com>;
Gigi Sullivan <sullivan@SECLAB.COM>
On Sep 19, 6:41pm, Gigi Sullivan wrote:
} Subject: Tcpwrapper 7.6 - feature -
> I wrote a very small stuff that could be usefull (I hope) to those of you
> that are using tcpwrapper, but that doesn't run any kinda of firewall.
> This "new" feature allow you to force the TCP layer to elict an RST
> segment to drop a denyed connection (instead of the usual 4-"FIN"
> segment).
I don't see the purpose of this feature, what benefit is it supposed
to provide? If it's an attempt to prevent port scanning then it
doesn't work, since by the time tcpd is invoked the 3-way handshake
has already been completed.
Niall
--
Niall Smart, rotel@indigo.ie.
Amaze your friends and annoy your enemies:
echo '#define if(x) if (!(x))' >> /usr/include/stdio.h
