Bugtraq mailing list archives
Linux inetd..
From: mood () INVALID ORG (moOd)
Date: Sun, 30 Nov 1997 14:19:50 +0100
Description:
I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
when port 13 (daytime) / port 37 (time) is "half-open scanned"..
Half-open scanning means that you:
1) send SYN
2) if reply is SYN|ACK, send RST = port is listening
3) if reply is RST = port is not listening
I'm not skilled enough to write the code-piece for you to test this out,
but most of the new portscanner include this type of scanning method.
(scantcp 1.32, sirc, etc.)
Quick & dirty workaround:
Comment out daytime & time services from /etc/inetd.conf and restart inetd.
- -------
/ moOd [@invalid.org]
Current thread:
- Linux inetd.. moOd (Nov 30)
- Re: Linux inetd.. Aleph One (Dec 01)
- an detailed explaination why land attack works? Feiyi Wang (Nov 29)
- Possible Solaris 2.6 hole at(1M) sp00n (Dec 02)
- Re: Possible Solaris 2.6 hole at(1M) Casper Dik (Dec 04)
- Re: an detailed explaination why land attack works? Bill Paul (Dec 03)
- Fw: Insufficient allocations in net/unix/garbage.c (fwd) Phillip R. Jaenke (Dec 03)
- Re: Fw: Insufficient allocations in net/unix/garbage.c (fwd) Alan Cox (Dec 04)
- an detailed explaination why land attack works? Feiyi Wang (Nov 29)
- Sun Security Bulletin #00159 (fwd) Howie (Dec 03)
- Sun Security Bulletin #00160 (fwd) Howie (Dec 03)
- Q165005: Windows NT Slows Down Due to Land Attack Aleph One (Dec 04)
- Re: Linux inetd.. Aleph One (Dec 01)