
Linux inetd.. (fwd)



Found this somewhat pertinent to Debian, especially since this
vulnerability was tested on a Debian machine... Just fyi.

Thanks,
Dennis
--
dpk <dpk@egr.msu.edu>, Systems/Network         |  work: 353.4844
Division of Engineering Computing Services     |  page: 222.5875

---------- Forwarded message ----------
Date: Sun, 30 Nov 1997 14:19:50 +0100
From: moOd <mood@INVALID.ORG>
To: BUGTRAQ@NETSPACE.ORG
Subject: Linux inetd..

Description:

  I've found that inetd on (*at least*) Debian distribution of LiNUX crashes
  when port 13 (daytime) / port 37 (time) is "half-open scanned"..


  Half-open scanning means that you:

    1) send SYN
    2) if reply is SYN|ACK, send RST  = port is listening
    3) if reply is RST                = port is not listening


  I'm not skilled enough to write the code-piece for you to test this out,
  but most of the new portscanners include this type of scanning method.
  (scantcp 1.32, sirc, etc.)


Quick & dirty workaround:

  Comment out daytime & time services from /etc/inetd.conf and restart inetd.



- -------

  / moOd [@invalid.org]
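
The workaround above as a POSIX shell script, added here as an example and not part of the forwarded post: it comments out the active daytime and time entries in an inetd.conf-style file and keeps a backup. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: apply the post's workaround to an inetd.conf-style file.

# List active (uncommented) entries whose service name is daytime or time.
enabled_entries() {
    awk '$1 == "daytime" || $1 == "time"' "$1"
}

# Comment those entries out, keeping the original as FILE.bak.
# Prints how many lines were changed.
disable_entries() {
    conf=$1
    count=$(enabled_entries "$conf" | wc -l | tr -d ' ')
    if [ "$count" -gt 0 ]; then
        cp -p "$conf" "$conf.bak" || return 1
        awk '$1 == "daytime" || $1 == "time" { print "#" $0; next } { print }' \
            "$conf.bak" > "$conf" || return 1
    fi
    echo "$count"
}

# Constructed sample in the usual inetd.conf field layout (not from the post).
make_sample() {
    cat > "$1" <<'EOF'
#echo     stream  tcp  nowait  root  internal
daytime   stream  tcp  nowait  root  internal
daytime   dgram   udp  wait    root  internal
time      stream  tcp  nowait  root  internal
#time     dgram   udp  wait    root  internal
ftp       stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.ftpd
EOF
}

sample=$(mktemp)
make_sample "$sample"
echo "changed: $(disable_entries "$sample") line(s)"
cat "$sample"
rm -f "$sample" "$sample.bak"
# On a real host, run disable_entries /etc/inetd.conf as root, then
# restart inetd (or send it SIGHUP so it re-reads its configuration).
```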

