[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rlinetd security

On Mon, Jun 18, 2001 at 04:22:15PM -0800, Ethan Benson wrote:
> On Mon, Jun 18, 2001 at 01:48:50PM -0400, Noah Meyerhans wrote:
> > 
> > Why not?  You've not given any reason at all.  Do you know of any
> > malicious behavior that is made possible by leaving the services turned
> > on?  The potential exists to use the chargen feature as a part of a DoS
> > attack, but I've not heard of it ever being used as it's not
> > particularly effective unless you have many many machines available, and
> > even then there are much more effective weapons.  And what about the
> > rest of the ports?  How are they dangerous?  I've never heard of an
> > exploit involving any of them.
> 
> play a spoofing trick to attach the victims chargen port to its echo
> port.  
> 
> i don't know if that is still possible, in the olden days it was, had
> quite ammusing result too.  

The UDP versions only are affected by this, and yes it's still possible (it's
fundamental to the lack of design of these "protocols" that they have no defense
vs packet loops).

The TCP versions OTOH are pretty safe, assuming you use suitable concurrency
limiting on connections, but disabling them remains easier and safer.

-- 
Colin Phipps         PGP 0x689E463E     http://www.netcraft.com/
Reply to: