Re: rlinetd security

To: Tim Haynes <debian@stirfried.vegetable.org.uk>
Cc: pmoffitt@wrv.com, debian-security@lists.debian.org
Subject: Re: rlinetd security
From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>
Date: Mon, 18 Jun 2001 19:15:55 +0200 (METDST)
Message-id: <[🔎] Pine.HPP.3.95.1010618191412.2241C-100000@elektron.its.tudelft.nl>
In-reply-to: <[🔎] 868zip92wx.fsf@potato.vegetable.org.uk>

On 18 Jun 2001, Tim Haynes wrote:

> "Pat Moffitt" <pmoffitt@wrv.com> writes:
> 
> > That makes a lot of assumptions about my (or anyone else) understanding
> > of the system. For example, I have no clue what discard is used for. So,
> > how do I know if I have a package installed that will not work properly
> > if I disable that port. Yes, I should go and research the issue but I
> > only have some much time in the day.
> > 
> > Therefor, many of us are forced to make the same assumptions (valid or
> > not) such as Sebastiaan's.
> 
> Ethan is correct. 
> 
> Start from `the more ports you leave open, the greater chance you have of
> being cracked' and work up.
> 
> ISTR the standard inetd services including discard, echo, sysstat, netstat
> et all *have* *had* their known vulnerabilities before now. All long-since
> patched, but that's not to say there won't be another tomorrow.
> 
> Again, if you don't know why you need it, you don't need it.
> 
I know you are right, but I have become curious now: if everyone says that
you do not need them, then where are they used for? And why are they still
installed by default?

Thanks,
Sebastiaan

Reply to:

Follow-Ups:
- Re: rlinetd security
  - From: Tim Haynes <usenet@stirfried.vegetable.org.uk>
- Re: rlinetd security
  - From: Peter Cordes <peter@llama.nslug.ns.ca>

References:
- Re: rlinetd security
  - From: Tim Haynes <debian@stirfried.vegetable.org.uk>

Prev by Date: Re: A question about Knark and modules
Next by Date: Re: rlinetd security
Previous by thread: Re: rlinetd security
Next by thread: Re: rlinetd security
Index(es):
- Date
- Thread