On 18 Jun 2001, Tim Haynes wrote: > "Pat Moffitt" <[EMAIL PROTECTED]> writes: > > > That makes a lot of assumptions about my (or anyone else) understanding > > of the system. For example, I have no clue what discard is used for. So, > > how do I know if I have a package installed that will not work properly > > if I disable that port. Yes, I should go and research the issue but I > > only have some much time in the day. > > > > Therefor, many of us are forced to make the same assumptions (valid or > > not) such as Sebastiaan's. > > Ethan is correct. > > Start from `the more ports you leave open, the greater chance you have of > being cracked' and work up. > > ISTR the standard inetd services including discard, echo, sysstat, netstat > et all *have* *had* their known vulnerabilities before now. All long-since > patched, but that's not to say there won't be another tomorrow. > > Again, if you don't know why you need it, you don't need it. > I know you are right, but I have become curious now: if everyone says that you do not need them, then where are they used for? And why are they still installed by default?
Thanks, Sebastiaan
