Date: Sun, 22 Jun 1997 15:37:03 +0930 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: danny@panda.hilink.com.au (Daniel O'Callaghan) Cc: freebsd-security@FreeBSD.ORG Subject: Re: Simple TCP service can hang a system (fwd) Message-ID: <199706220607.PAA11138@genesis.atrad.adelaide.edu.au> In-Reply-To: <Pine.BSF.3.91.970622142206.869L-100000@panda.hilink.com.au> from Daniel O'Callaghan at "Jun 22, 97 02:22:49 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Daniel O'Callaghan stands accused of saying: > > I've noticed that inetd doesn't check the source port for the request > to UDP simple services (echo, time, chargen, daytime). (note that this is Linux). FreeBSD ships with these disabled : # "Small servers" -- used to be standard on, but we're more conservative # about things due to Internet security concerns. Only turn on what you # need. # #daytime stream tcp nowait root internal #daytime dgram udp wait root internal #time stream tcp nowait root internal #time dgram udp wait root internal #echo stream tcp nowait root internal #echo dgram udp wait root internal #discard stream tcp nowait root internal #discard dgram udp wait root internal #chargen stream tcp nowait root internal #chargen dgram udp wait root internal ... so if you turn them on, you ought to understand this already 8) -- ]] Mike Smith, Software Engineer msmith@gsoft.com.au [[ ]] Genesis Software genesis@gsoft.com.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control. (ph) +61-8-8267-3493 [[ ]] Unix hardware collector. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706220607.PAA11138>