On Sun, Oct 19, 2003 at 10:48:47AM +1000, Andrew Pollock wrote: > On Sat, Oct 18, 2003 at 01:40:51AM -0400, Matt Zimmerman wrote: > > On Sat, Oct 18, 2003 at 11:04:31AM +1000, Andrew Pollock wrote: > > > To cap it off, the discard service seems to be enabled out of the box. So > > > is daytime. Daytime's not too bad, but discard? I personally believe we > > > should be shipping sarge such that it installs offering the smallest > > > number of network services by default, and the user should explicitly > > > enable the ones they want. I can't see any reason for the discard service > > > on an Internet facing box in this day and age. > > I would like to see inetd leave the base system as well, but what problem > > could you possibly have with the discard service? > Well it's been so long since I've seen it in the wild, but doesn't this > service just eat whatever you throw at it? In a cents per meg scenario, > someone malicious could use this service to cost the person running it > some big dollars. That's meaningless. You can do the same whether or not the remote end is actually listening on the port in question. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature