[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice on inetd Denial of Service Bug

Drew Bloechl <drew@sith-lord.org> wrote:
> On Thu, Mar 30, 2000 at 01:11:09PM +0200, Paul Slootman wrote:
>>       -p, --programs
>>           displays process name and PID of the owner of each  socket
>>           it dumps. You have to be the owner of such process to have
>>           all it's sockets matched to it or generally root user will
>>           see all the necessary information in place.

> IIRC -p doesn't work on 2.0 kernels.  I believe 2.2 added the fields 
> required for this in /proc/net/tcp.  

The only piece of info that 2.2 has over 2.0 is the socket/pipe flag in
/proc/pid/fd.  This is not really needed.  The inode info were added back
in the 1.3.* days.

However, it is true that the current netstat wants this piece of information.
So the question is whether it is worthwile to fix netstat for 2.0.* when it
is going to be totally obsolete soon when 2.4 comes out.

Anyway, if the check is to be implemented at all, it'll have to be in postinst
since slink's netstat doesn't do -p.

> You can track this information down the hard way with the 
> pseudo-inode netstat gives you by referencing them against 
> /proc/<pid>/fd/*, but that's not a very attractive solution.  

Which is essentially what netstat does with -p.
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to: