
Re: rlinetd security



On Tue, Jun 19, 2001 at 08:56:51AM -0400, Stuart Krivis wrote:
> > Why not?  You've not given any reason at all.  Do you know of any
> > malicious behavior that is made possible by leaving the services turned
> > on?  The potential exists to use the chargen feature as a part of a DoS
> 
> 
> That's completely the wrong way to look at it. You should be saying, "Do I 
> need this for anything?" If you don't need it, then turn it off.

Sure, but my original post was in response to us having the simple
services turned on *by default* on new installations.  If we're going to
leave stuff like portmap and the NFS client daemons on by default then
we're already committing a worse crime than leaving the simple services
on.

> > Really I'm just playing devil's advocate here.  I don't care if they're
> > turned off or not.  I've just never seen any evidence that there's any
> > reason for concern over them.
> 
> You should care. If it isn't running, you have one less thing to worry 
> about.

I do care.  I often disable inetd completely, if the server in question
doesn't need any of what it offers.  But again, what I was talking about
previously was the installation defaults.  Tim Haynes was saying that he
certainly hoped that the simple services were not turned on by default
in unstable.  I wasn't recommending to anybody to *leave* them on if
they don't need them.  But by default we've always left everything
turned on unless there was some major configuration or whatever that
needed to be done in order for the service to be used at all.

Personally, I don't care if something is turned on by default or not.
If I need it, and it's on by default, I'll leave it on.  If it's not on,
I'll turn it on.  If I don't need it I'll turn it off.

I do think it's worth discussing whether the policy should be "on by
default" or "off by default".  Not just for the simple services, but for
all services that get installed.  Which option leaves more work to be
done by the admin?  In the current "on by default" state, you install a
new system and go through /etc/rc?.d/ and /etc/inetd.conf and turn off
things that you don't need, or uninstall them completely.  Is that
less time consuming for the admin than requiring them to go over the
same directories and files and explicitly enable the services they want?
I am not sure, but I expect it might not be.  And I know it would be
safer to leave services off by default.  There are a lot of incompetent
admins out there, and while "off by default" might generate a bit more
traffic on -user, it is likely to save some of them some major grief.

noah

-- 
 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 
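The audit the post describes (walking /etc/inetd.conf and /etc/rc?.d/ and switching off what is not needed) can be scripted. The following is an added example, not part of the original mail or of rlinetd; it works on a constructed inetd.conf sample and a constructed rc2.d-style directory, and the function names (enabled_services, enabled_simple_services, disable_simple_services, rc_enabled_services, make_sample_rcdir) are hypothetical. It lists the enabled inetd services, flags the simple (internal) ones the thread is about, emits a copy of the config with those lines commented out, and lists the services an rc directory starts at boot.

```shell
#!/bin/sh
# Constructed sample of an inetd.conf (not the page's file): the simple
# services are enabled alongside one real daemon, telnet is already off.
SAMPLE_INETD_CONF='# /etc/inetd.conf: see inetd(8) for further information.
#:INTERNAL: Internal services
echo        stream  tcp     nowait  root    internal
echo        dgram   udp     wait    root    internal
chargen     stream  tcp     nowait  root    internal
chargen     dgram   udp     wait    root    internal
discard     stream  tcp     nowait  root    internal
daytime     stream  tcp     nowait  root    internal
#time       stream  tcp     nowait  root    internal
#:STANDARD: These are standard services.
ftp         stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
#telnet     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.telnetd'

# The inetd "simple services": served by inetd itself, no daemon binary.
SIMPLE_SERVICES="echo discard chargen daytime time"

# Read an inetd.conf on stdin; print each enabled service name once
# (the tcp and udp entries of the same service collapse to one line).
enabled_services() {
    awk '!/^[[:space:]]*#/ && NF >= 6 { print $1 }' | sort -u
}

# Read an inetd.conf on stdin; print only the enabled simple services.
enabled_simple_services() {
    enabled_services | awk -v list="$SIMPLE_SERVICES" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) simple[a[i]] = 1 }
        ($1 in simple)'
}

# Read an inetd.conf on stdin; write it back with every simple-service
# line commented out, leaving everything else untouched.
disable_simple_services() {
    awk -v list="$SIMPLE_SERVICES" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) simple[a[i]] = 1 }
        !/^[[:space:]]*#/ && ($1 in simple) { print "#" $0; next }
        { print }'
}

# List the services one /etc/rc?.d/ directory starts at boot: S-links
# start a service, K-links stop it.  Prints the name behind each Snn.
rc_enabled_services() {
    for link in "$1"/S*; do
        [ -e "$link" ] || [ -L "$link" ] || continue
        name=${link##*/}             # drop the directory part
        echo "${name#S[0-9][0-9]}"   # drop the Snn prefix
    done
    return 0
}

# Build a constructed rc2.d-style directory (dangling links are fine for
# the demonstration) and print its path; the caller removes it.
make_sample_rcdir() {
    d=$(mktemp -d)
    for l in S20portmap S21nfs-common S20rlinetd K11cron; do
        ln -s ../init.d/"${l#[SK][0-9][0-9]}" "$d/$l"
    done
    echo "$d"
}

# Stand-alone run: report what the sample config and rc directory enable.
echo "enabled inetd services:"; printf '%s\n' "$SAMPLE_INETD_CONF" | enabled_services
echo "of which simple services:"; printf '%s\n' "$SAMPLE_INETD_CONF" | enabled_simple_services
rcdir=$(make_sample_rcdir)
echo "started from rc dir:"; rc_enabled_services "$rcdir"
rm -rf "$rcdir"
```

On a real host the same functions run over the real files (`enabled_simple_services < /etc/inetd.conf`, `rc_enabled_services /etc/rc2.d`); the script only reports and rewrites a copy on stdout, so applying the commented-out config is a deliberate second step followed by a HUP or restart of inetd.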


