[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rlinetd security

Sebastiaan <S.Breedveld@ITS.TUDelft.NL> writes:

> > Again, if you don't know why you need it, you don't need it.
> I know you are right, but I have become curious now: if everyone says
> that you do not need them, then where are they used for? And why are they
> still installed by default?

Good questions.

a) echo is just there to duplicate everything you send back at you.
   discard is just there to dump everything in the sink.
   chargen is to give a continual stream of output, eg bandwidth testing
   daytime is to give another box a snapshot of the time on here - a crude
           & ancient & horrible way to sync boxes
   netstat is to give a view of `netstat' over the 'net - remote admin?

b) they shouldn't be. You'll have to check if they still appear by default
in unstable; I should hope they don't. (There's been discussion of this
before if you trawl some archives somewhere.) It's possible to use them all
legitimately - e.g. the daytime thing might be if someone has a legacy
setup on their LAN and relied on it for time sync, the chargen/echo/discard
things could well be useful for getting streams of data and network
monitoring, etc. However, they really shouldn't be enabled by default.

All I see, All I know                       |piglet@stirfried.vegetable.org.uk
Is touching the sacred earth                |http://spodzone.org.uk/
And warming the hallowed ground             |

Reply to: