security risk of having a long list of services in inetd
> From: Paul Dufresne <dufresnep@gmail.com>
>> For myself, rkhunter give warning about inetd.
>> Looking to /etc/services, I found that Debian seems to like to have a
>> very big file with all known services rather than just add the
>> services needed. I don't even knows if other distributions does just
>> add the needed services.
>
> That file is just a mapping of service names and ports, it has no relation
> to services that are actually running.
Yes, I know. But as I see it, each mapping is like a *possible* door
to the Internet.
When there is so much, it become too hard to look at each door to see
if there is a program behind,
and if it does what it should.
Moreover I now see that /etc/hosts.allow and /etc/hosts.deny are empty
(well just comments), which means that it is open to everybody.
Taken from http://en.wikipedia.org/wiki/Inetd :
"the long list of services that inetd traditionally provided gave
computer security experts pause. The possibility of a service having
an exploitable flaw, or the service just being abused, had to be
considered. Unnecessary services were disabled and off by default
became the mantra. It is not uncommon to find an /etc/inetd.conf with
almost all the services commented out in a modern Unix distribution."
This begin to look like a discussion for developper list however.
Reply to: