Found this somewhat pertinant to Debian, especially since this
vulnerability was tested on a Debian machine... Just fyi.
Thanks,
Dennis
--
dpk <[EMAIL PROTECTED]>, Systems/Network | work: 353.4844
Division of Engineering Computing Services | page: 222.5875
---------- Forwarded message ----------
Date: Sun, 30 Nov 1997 14:19:50 +0100
From: moOd <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Linux inetd..
Description:
I've found that inetd on (*atleast*) Debian distribution of LiNUX crashes
when port 13 (daytime) / port 37 (time) is "half-open scanned"..
Half-open scanning means that you:
1) send SYN
2) if reply is SYN|ACK, send RST = port is listening
3) if reply is RST = port is not listening
I'm not skilled enough to write the code-piece for you to test this out,
but most of the new portscanner include this type of scanning method.
(scantcp 1.32, sirc, etc.)
Quick & dirty workaround:
Comment out daytime & time services from /etc/inetd.conf and restart inetd.
- -------
/ moOd [EMAIL PROTECTED]
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
[EMAIL PROTECTED] .
Trouble? e-mail to [EMAIL PROTECTED] .
