Bugtraq mailing list archives
a shameless plug for RIIS
From: meilak () fit qut edu au (Mr Brian Meilak)
Date: Wed, 19 Jun 1996 09:54:27 +1000
From the README:
Replacement Internal Inetd Services =================================== This small package contains replacement daemons for the 'trivial' services provided by the inetd(8) super server. These services are: echo RFC 862 discard RFC 863 chargen RFC 864 daytime RFC 867 time RFC 868 TCP and UDP versions are available. The benefit of these daemons is that you can replace the internal inetd(8) service daemons with ones that can then be wrappered by the tcp wrappers program(See Related Software). This can provide you with an early warning system against intruders probing these 'standard' ports while still providing these services to allowed hosts. It also helps you know what's going on on your network. To defend against looping attacks on the host or between hosts, the UDP versions have a command line parameter to specify the tests that will be made on the reply port to see if it is a possible loop. The offending connection, IP addresses and port numbers are logged via syslog(3). The following tests are available: Option Description ------ ----------- 0 No reply UDP port checking is done. All requests are accepted. 1 Reject if reply UDP port is an internal services port ie: echo/discard/time/daytime/chargen 2 Reject if reply UDP port < 1024 3 Reject if reply UDP port is known by getservbyport(). getservbyport() gets its information from the file /etc/services (and yellowpages/NIS if running). (Do a "man getservbyport" to find out where your system gets its port information) 4 Reject if reply UDP port < 1024 AND reply UDP port is known by getservbyport(). 5 Reject if reply UDP port < 1024 OR reply UDP port is known by getservbyport(). 6 Reject all requests and therefore log information about the connection. Distribution ============ The package can be found at: ftp://ftp.fit.qut.edu.au/pub/security/riis.tar ftp://ftp.fit.qut.edu.au/pub/security/riis.tar.gz regards brian ----- Brian Meilak E-Mail: B.Meilak () fit qut edu au Senior Systems Programmer WEB : http://www.fit.qut.edu.au/staff/~brian Faculty of Information Technology _--_|\ Queensland University of Technology / QUT Box 2434, Brisbane 4001, AUSTRALIA \_.--._/ Room ITE616 Phone: +61 7 3864-2757 Fax: 3864-1959 v
Current thread:
- a shameless plug for RIIS Mr Brian Meilak (Jun 18)