Linux inetd..

From: moOd (moodat_private)
Date: Sun Nov 30 1997 - 05:19:50 PST

Next message: Feiyi Wang: "an detailed explaination why land attack works?"

Previous message: Aaron Campbell: "Re: in.telnetd bug (linux)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Description:

  I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
  when port 13 (daytime) / port 37 (time) is "half-open scanned"..


  Half-open scanning means that you:

    1) send SYN
    2) if reply is SYN|ACK, send RST  = port is listening
    3) if reply is RST                = port is not listening


  I'm not skilled enough to write the code-piece for you to test this out,
  but most of the new portscanner include this type of scanning method.
  (scantcp 1.32, sirc, etc.)


Quick & dirty workaround:

  Comment out daytime & time services from /etc/inetd.conf and restart inetd.



- -------

  / moOd [@invalid.org]

Next message: Feiyi Wang: "an detailed explaination why land attack works?"
Previous message: Aaron Campbell: "Re: in.telnetd bug (linux)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:33:57 PDT