[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [linux-security] Denial of service in inetd (fwd)



I notice that we're still shipping with chargen & echo enabled in
/etc/inetd.conf.

Given the CERT advisory:
  ftp://info.cert.org/pub/cert_advisories/CA-96.01.UDP_service_denial
should we not disable these services?

------- start of forwarded message (RFC 934 encapsulation) -------
From: Kit Knox <kit@connectnet.com>
To: Peter Henning <peterh@gem.co.za>
cc: linux-security@tarsier.cv.nrao.edu
Subject: Re: [linux-security] Denial of service in inetd
Date: Sat, 4 May 1996 15:03:46 -0700 (PDT)

On Fri, 3 May 1996, Peter Henning wrote:

> Does anyone know whether xinetd is vulnerable to the same sort of attacks?
> If not, it should be considered as a more secure inetd replacement.
> Unfortunately the configurations files are slightly different.

These internal services can be abused in many other ways.  UDP storms (to
the echo port etc) come to mind.  Everyone should disable these to begin
with.  I have no idea why the main distributions (redhat/slack/etc) decide
to distribute these insecure distributions.

+-----------------------------------------+
| Kit Knox - System Administrator         |
| CONNECTnet - http://www.connectnet.com/ |    
+-----------------------------------------+


------- end -------


Reply to: