Re: rlinetd security
On 18 Jun 2001, Tim Haynes wrote:
> "Pat Moffitt" <pmoffitt@wrv.com> writes:
>
> > That makes a lot of assumptions about my (or anyone else) understanding
> > of the system. For example, I have no clue what discard is used for. So,
> > how do I know if I have a package installed that will not work properly
> > if I disable that port. Yes, I should go and research the issue but I
> > only have some much time in the day.
> >
> > Therefor, many of us are forced to make the same assumptions (valid or
> > not) such as Sebastiaan's.
>
> Ethan is correct.
>
> Start from `the more ports you leave open, the greater chance you have of
> being cracked' and work up.
>
> ISTR the standard inetd services including discard, echo, sysstat, netstat
> et all *have* *had* their known vulnerabilities before now. All long-since
> patched, but that's not to say there won't be another tomorrow.
>
> Again, if you don't know why you need it, you don't need it.
>
I know you are right, but I have become curious now: if everyone says that
you do not need them, then where are they used for? And why are they still
installed by default?
Thanks,
Sebastiaan
Reply to: