Bugtraq mailing list archives

Re: Linux inetd..

From: route () RESENTMENT INFONEXUS COM (G P R)
Date: Mon, 1 Dec 1997 23:20:10 -0800


[moOd]

|
| Description:
|
|   I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
|   when port 13 (daytime) / port 37 (time) is "half-open scanned"..

    This sounds a lot like the antiquated SYN, RST DoS problem older Linux
    inetds were vulnerable to.  Send a SYN to an internal service, and
    immediately follow it up with a RST packet.  inetd would become unstable
    and die after the next connection.

|   I'm not skilled enough to write the code-piece for you to test this out,
|   but most of the new portscanner include this type of scanning method.
|   (scantcp 1.32, sirc, etc.)

    Phrack 49-07, the `Vengeance` module.

    ftp://www.phrack.com/pub/phrack/phrack49.zip

    Be warned.  It is ugly, ugly code.  At any rate, I was led to believe
    that this problem was fixed ages ago in some netkit rev that escapes me.

--
        temptation is worthless, suffering is the coin of the realm

Current thread:

Sun Security Bulletin #00160 (fwd), (continued)
- - - Sun Security Bulletin #00160 (fwd) Howie (Dec 03)
    - Q165005: Windows NT Slows Down Due to Land Attack Aleph One (Dec 04)
    - Q177539: Windows 95 Stops Responding Because of Land Attack Aleph One (Dec 04)
  - More telnet Daemon Fun Aaron Campbell (Dec 01)
    - Re: More telnet Daemon Fun Elliot Lee (Dec 02)
    - tcsh/Solaris (Re: More telnet Daemon Fun) Peter Radcliffe (Dec 03)
    - scoterm exploit Aleph One (Dec 04)
  - Re: Linux inetd.. Alan Cox (Dec 02)
    - Re: Linux inetd.. Darren Reed (Dec 02)
  - Re: Linux inetd.. Darren Reed (Dec 02)
- Re: Linux inetd.. G P R (Dec 01)
- Sendmail quirks Duck Vader (Dec 02)
- Re: Linux inetd.. der Mouse (Dec 15)