Re: Simple nmap/inetd workaround

From: Casper Dik (casperat_private)
Date: Fri Jan 01 1999 - 13:18:37 PST

Next message: Kev: "Re: Breeze Network Server remote reboot and other bogosity."

Previous message: Philip Stoev: "ValueClick CGI Vulnerability FIXED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>A simple interim workaround for nmap-kills-inetd is to replace
>inetd invokations with
>
>        ( trap "" 13; exec /path/to/inetd )
>
>or, under Solaris
>
>        ( trap "" 13; exec /usr/sbin/inetd -s )
>
>this causes SIGPIPE to be ignored. Unfortunately,
>it is also ignored for inetd's children. This may cause some
>problems for services which run under inetd that expect SIGPIPE,
>but on the whole, I think you're better off this way.


Removing all internal tcp services from inetd.conf will help
too

time    stream  tcp     nowait  root    internal
echo    stream  tcp     nowait  root    internal
discard stream  tcp     nowait  root    internal
daytime stream  tcp     nowait  root    internal
chargen stream  tcp     nowait  root    internal


In fact, only the "time", "daytime" functions are affected.
(the other three fork)

Casper

Next message: Kev: "Re: Breeze Network Server remote reboot and other bogosity."
Previous message: Philip Stoev: "ValueClick CGI Vulnerability FIXED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:56 PDT