[8895] in bugtraq
Re: Simple nmap/inetd workaround
daemon@ATHENA.MIT.EDU (Casper Dik)
Sun Jan 3 13:40:26 1999
Date: Fri, 1 Jan 1999 22:18:37 +0100
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
X-To: John Hawkinson <jhawk@MIT.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Wed, 30 Dec 1998 14:10:36 EST."
<199812301910.OAA09009@contents-vnder-pressvre.mit.edu>
>A simple interim workaround for nmap-kills-inetd is to replace
>inetd invokations with
>
> ( trap "" 13; exec /path/to/inetd )
>
>or, under Solaris
>
> ( trap "" 13; exec /usr/sbin/inetd -s )
>
>this causes SIGPIPE to be ignored. Unfortunately,
>it is also ignored for inetd's children. This may cause some
>problems for services which run under inetd that expect SIGPIPE,
>but on the whole, I think you're better off this way.
Removing all internal tcp services from inetd.conf will help
too
time stream tcp nowait root internal
echo stream tcp nowait root internal
discard stream tcp nowait root internal
daytime stream tcp nowait root internal
chargen stream tcp nowait root internal
In fact, only the "time", "daytime" functions are affected.
(the other three fork)
Casper