On Tue, Apr 02, 2002 at 01:34:32PM -0500, Noah L. Meyerhans wrote:
> > Well, daytime spits out the time of day, time is for NTP,
> > and I'm not sure what discard is used for.
> No, NTP does not use the time port. It uses port 123 (ntp in
> /etc/services).
Ok, figures I don't know since I don't use it.
> Discard is the network equivalent of /dev/null
Weeee.. an MTU of zero :)
> The question of what to do with these ports comes up every once in a
> while on this list. Some people prefer to leave them on, others turn
> them off. I don't think there's ever been an exploit that involves
> these ports, as the code is quite simple (i.e. easy to implement
> securely).
Occasionally, there may be a DoS attack, but nothing invasive.
> > I usually turn off inetd completely. It helps make things
> > quieter on a nessus scan :)
> Yes, this is good advice, and something that never occurs to most
> people. Most common services these days run quite happily in standalone
> mode, so there's often no reason to use inetd at all.
Given most everything can run through SSH or SSL (at least TCP-based) :)
-Anne
--
Anne Carasik, System Administrator
gator@cacr.caltech.edu
Center for Advanced Computing Research
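Added example, not part of the original message: a small audit for the inetd built-in services discussed in this thread (daytime, time, discard), listing the ones still enabled so they can be commented out before a scan. It assumes the classic six-field inetd.conf layout with `internal` as the server program; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Field layout assumed (classic inetd.conf):
#   service  socket-type  protocol  wait/nowait  user  server-program  [args]

# list_internal [FILE]
# Prints "service/protocol" for every enabled built-in service.
# Reads FILE if given, otherwise standard input.
list_internal() {
    awk '
        /^[ \t]*#/       { next }   # commented out, i.e. disabled
        NF < 6           { next }   # blank or malformed line
        $6 == "internal" { print $1 "/" $3 }
    ' "$@"
}

# Constructed sample configuration (not taken from any real host).
# The "#<off>#" prefix mimics how Debian update-inetd marks disabled entries.
sample_conf() {
    cat <<'EOF'
# /etc/inetd.conf (constructed sample)
daytime   stream  tcp  nowait  root  internal
#daytime  dgram   udp  wait    root  internal
time      stream  tcp  nowait  root  internal
#<off># discard stream tcp nowait root internal
discard   dgram   udp  wait    root  internal
ftp       stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.ftpd
EOF
}

# Demo run over the constructed sample.
sample_conf | list_internal
```

On a real host, run `list_internal /etc/inetd.conf`; empty output means no built-in services are enabled.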