Thanks a lot. Now it's clear. Qian
On Tue, Nov 26, 2002 at 02:16:57PM -0600, Nathan E Norman wrote: > On Wed, Nov 27, 2002 at 12:32:26AM +1100, Matthias Szupryczynski wrote: > > On Tue, 2002-11-26 at 23:41, Qian Gong wrote: > > > It is said that the service discard in inetd is just for testing and can > > > be removed. What's the origin of this service and what is the purpose? > > > Thanks in advance. > > > > Basically, discard can be described as a protocol used to debug network > > traffic. It takes your data, and throws it away. As far I know, > > leaving it on makes your system prone for DOS attacks. > > Specifically, discard is the network /dev/null device. > > Particularly, the UDP discard service can easily be exploited by a DOS > attack, and you should disable the UDP service (I disable the UDP > versions of echo, chargen, discard, daytime, and time on all > machines). > > Most sites can safely disable echo, chargen, and discard completely > with no ill effects. You only need the TCP versions of time and > daytime if you have machines on your network that want to sync up > with your server using those protocols (some Windows boxes sync time > in this fashion). > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
