
Re: inetd: discard?



Thanks a lot. Now it's clear. 

Qian

On Tue, Nov 26, 2002 at 02:16:57PM -0600, Nathan E Norman wrote:
> On Wed, Nov 27, 2002 at 12:32:26AM +1100, Matthias Szupryczynski wrote:
> > On Tue, 2002-11-26 at 23:41, Qian Gong wrote:
> > > It is said that the service discard in inetd is just for testing and can
> > > be removed. What's the origin of this service and what is the purpose? 
> > > Thanks in advance.
> > 
> > Basically, discard can be described as a protocol used to debug network
> > traffic. It takes your data, and throws it away. As far as I know,
> > leaving it on makes your system prone to DOS attacks.
> 
> Specifically, discard is the network /dev/null device.
> 
> Particularly, the UDP discard service can easily be exploited by a DOS
> attack, and you should disable the UDP service (I disable the UDP
> versions of echo, chargen, discard, daytime, and time on all
> machines).
> 
> Most sites can safely disable echo, chargen, and discard completely
> with no ill effects.  You only need the TCP versions of time and
> daytime if you have machines on your network that want to sync up
> with your server using those protocols (some Windows boxes sync time
> in this fashion).
> 
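
An added example, not part of the original thread: a small audit of an inetd.conf that applies the advice quoted above to the built-in echo, chargen, discard, daytime and time services. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Audit an inetd.conf for enabled built-in "small services".
# Verdicts follow the advice in the thread:
#   DISABLE - UDP versions of all five, and echo/chargen/discard on TCP
#   REVIEW  - TCP time/daytime: keep only if clients sync with these protocols

audit_inetd() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }          # comments, blanks, short lines
        $6 != "internal" { next }              # only inetd built-ins
        $1 !~ /^(echo|chargen|discard|daytime|time)$/ { next }
        {
            verdict = "DISABLE"
            if ($3 ~ /^tcp/ && ($1 == "time" || $1 == "daytime"))
                verdict = "REVIEW"
            print verdict, $1 "/" $3
        }
    ' "$1"
}

# Constructed sample input (not taken from any real host).
write_sample() {
    cat > "$1" <<'EOF'
# <service> <sock_type> <proto> <flags> <user> <server_path> <args>
discard   stream  tcp  nowait  root  internal
discard   dgram   udp  wait    root  internal
#echo     dgram   udp  wait    root  internal
daytime   stream  tcp  nowait  root  internal
time      dgram   udp  wait    root  internal
chargen   stream  tcp6 nowait  root  internal
ftp       stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.ftpd
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_inetd "$sample"
rm -f "$sample"
```

Point `audit_inetd` at `/etc/inetd.conf` to check a real host; entries already commented out are ignored.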


