Home page logo

bugtraq logo Bugtraq mailing list archives

Re: denial of service - inetd on solaris 2.4?
From: Peter-Skopp () deshaw com (Peter Skopp)
Date: Mon, 27 May 1996 14:33:51 -0400

According to Brad Powell:
You should probably just turn off echo, discard, daytime and chargen

You should turn off echo, daytime, chargen and time (at least), but there
is really no need to turn off discard.

You only need to turn off UDP based services which elicit responses (or
error messages) when attached to another service which is feeding it "crap".

Any combination of echo, time, daytime, and chargen will loop (although
echo <-> echo requires the spoofed packet to have an initial payload).

The DOS comes in b/c echo of these services will elicit a response given
a packet from any of these services, so the 2 programs will play ping pong
with each other.

The discard service will just read the packet and discard it (as its name
implies), so the DOS attack outlined in CERT CA-96:01 doesn't hold with
discard, and it is safe to keep it in your inetd.conf file.

Peter Skopp

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]