Re: rlinetd security
"Noah L. Meyerhans" <frodo@morgul.net> writes:
[snip]
> > <http://www.sans.org/infosecFAQ/malicious/naptha.htm>, btw. Why bother
> > hooking /dev/{zero,null} onto the net with netcat when you can cause a fair
> > bit of traffic with standard services that do much the same thing?
>
> Yes, but you know what? 'ping -f' works just as good, if not better. Do
> you have ICMP filtered at your router?
Some, yes.
I also worry about who's going to be able to execute `ping -f' on *my*
machines, should they make it through, and try to make it as hard as
possible.
Leaving ports open because you don't know better does not constitute making
nasty people's life harder.
~Tim
--
20:12:08 up 4 days, 16 min, 17 users, load average: 0.02, 0.04, 0.00
piglet@stirfried.vegetable.org.uk |Windows 98 is year 2000-ready
http://piglet.is.dreaming.org |(seen during a recent, >y2000, installation)
Reply to: