Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

a shameless plug for RIIS

From: meilak () fit qut edu au (Mr Brian Meilak)
Date: Wed, 19 Jun 1996 09:54:27 +1000


From the README:



  Replacement Internal Inetd Services
  ===================================

  This small package contains replacement daemons for the 'trivial'
  services provided by the inetd(8) super server. These services are:

        echo            RFC 862
        discard         RFC 863
        chargen         RFC 864
        daytime         RFC 867
        time            RFC 868

  TCP and UDP versions are available.

  The benefit of these daemons is that you can replace the internal inetd(8)
  service daemons with ones that can then be wrappered by the tcp wrappers
  program(See Related Software). This can provide you with an
  early warning system against intruders probing these 'standard' ports
  while still providing these services to allowed hosts. It also helps
  you know what's going on on your network.

  To defend against looping attacks on the host or between hosts,
  the UDP versions have a command line parameter to specify the tests
  that will be made on the reply port to see if it is a possible loop.
  The offending connection, IP addresses and port numbers are logged
  via syslog(3). The following tests are available:

    Option      Description
    ------        -----------
      0         No reply UDP port checking is done.
                All requests are accepted.
      1         Reject if reply UDP port is an internal services port
                ie: echo/discard/time/daytime/chargen
      2         Reject if reply UDP port < 1024
      3         Reject if reply UDP port is known by getservbyport().
                getservbyport() gets its information from the file
                /etc/services (and yellowpages/NIS if running).
                (Do a "man getservbyport" to find out where your system
                 gets its port information)
      4         Reject if reply UDP port < 1024 AND
                reply UDP port is known by getservbyport().
      5         Reject if reply UDP port < 1024 OR
                reply UDP port is known by getservbyport().
      6         Reject all requests and therefore log information
                about the connection.



  Distribution
  ============
  The package can be found at:

  ftp://ftp.fit.qut.edu.au/pub/security/riis.tar
  ftp://ftp.fit.qut.edu.au/pub/security/riis.tar.gz



regards

brian
-----
Brian Meilak                      E-Mail: B.Meilak () fit qut edu au
Senior Systems Programmer         WEB   : http://www.fit.qut.edu.au/staff/~brian
Faculty of Information Technology                      _--_|\
Queensland University of Technology                   /      QUT
Box 2434, Brisbane 4001, AUSTRALIA                    \_.--._/
Room ITE616 Phone: +61 7 3864-2757 Fax: 3864-1959           v
Previous By Date Next
Previous By Thread Next

Current thread: