Re: rlinetd security

To: <pmoffitt@wrv.com>
Cc: <debian-security@lists.debian.org>
Subject: Re: rlinetd security
From: Tim Haynes <debian@stirfried.vegetable.org.uk>
Date: 18 Jun 2001 17:19:10 +0100
Message-id: <[🔎] 868zip92wx.fsf@potato.vegetable.org.uk>
Reply-to: debian@stirfried.vegetable.org.uk
In-reply-to: <[🔎] 003c01c0f810$95a09c30$48bb42cf@mis1.wrv.com> ("Pat Moffitt"'s message of "Mon, 18 Jun 2001 09:06:07 -0700")
References: <[🔎] 003c01c0f810$95a09c30$48bb42cf@mis1.wrv.com>

"Pat Moffitt" <pmoffitt@wrv.com> writes:

> That makes a lot of assumptions about my (or anyone else) understanding
> of the system. For example, I have no clue what discard is used for. So,
> how do I know if I have a package installed that will not work properly
> if I disable that port. Yes, I should go and research the issue but I
> only have some much time in the day.
> 
> Therefor, many of us are forced to make the same assumptions (valid or
> not) such as Sebastiaan's.

Ethan is correct. 

Start from `the more ports you leave open, the greater chance you have of
being cracked' and work up.

ISTR the standard inetd services including discard, echo, sysstat, netstat
et all *have* *had* their known vulnerabilities before now. All long-since
patched, but that's not to say there won't be another tomorrow.

Again, if you don't know why you need it, you don't need it.

~Tim
-- 
   17:16:07 up 3 days, 21:20, 16 users,  load average: 0.13, 0.09, 0.02
piglet@stirfried.vegetable.org.uk |Sometimes you're the pigeon,
http://piglet.is.dreaming.org     |Sometimes you're the statue.

Reply to:

Follow-Ups:
- Re: rlinetd security
  - From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>

References:
- RE: rlinetd security
  - From: "Pat Moffitt" <pmoffitt@wrv.com>

Prev by Date: RE: rlinetd security
Next by Date: Re: A question about Knark and modules
Previous by thread: RE: rlinetd security
Next by thread: Re: rlinetd security
Index(es):
- Date
- Thread