[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Linux inetd.. (fwd)

Found this somewhat pertinant to Debian, especially since this
vulnerability was tested on a Debian machine... Just fyi.

dpk <dpk@egr.msu.edu>, Systems/Network         |  work: 353.4844
Division of Engineering Computing Services     |  page: 222.5875

---------- Forwarded message ----------
Date: Sun, 30 Nov 1997 14:19:50 +0100
From: moOd <mood@INVALID.ORG>
Subject: Linux inetd..


  I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
  when port 13 (daytime) / port 37 (time) is "half-open scanned"..

  Half-open scanning means that you:

    1) send SYN
    2) if reply is SYN|ACK, send RST  = port is listening
    3) if reply is RST                = port is not listening

  I'm not skilled enough to write the code-piece for you to test this out,
  but most of the new portscanner include this type of scanning method.
  (scantcp 1.32, sirc, etc.)

Quick & dirty workaround:

  Comment out daytime & time services from /etc/inetd.conf and restart inetd.

- -------

  / moOd [@invalid.org]

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: