[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: netkit-inetd in sarge



On Sun, Oct 19, 2003 at 10:48:47AM +1000, Andrew Pollock wrote:
> On Sat, Oct 18, 2003 at 01:40:51AM -0400, Matt Zimmerman wrote:
> > On Sat, Oct 18, 2003 at 11:04:31AM +1000, Andrew Pollock wrote:

> > > To cap it off, the discard service seems to be enabled out of the box. So
> > > is daytime. Daytime's not too bad, but discard? I personally believe we
> > > should be shipping sarge such that it installs offering the smallest
> > > number of network services by default, and the user should explicitly
> > > enable the ones they want. I can't see any reason for the discard service
> > > on an Internet facing box in this day and age.

> > I would like to see inetd leave the base system as well, but what problem
> > could you possibly have with the discard service?

> Well it's been so long since I've seen it in the wild, but doesn't this 
> service just eat whatever you throw at it? In a cents per meg scenario, 
> someone malicious could use this service to cost the person running it 
> some big dollars.

That's meaningless.  You can do the same whether or not the remote end
is actually listening on the port in question.

-- 
Steve Langasek
postmodern programmer

Attachment: signature.asc
Description: Digital signature


Reply to: