From: "Curtis Hogg" <[EMAIL PROTECTED]>
To: "will trillich" <[EMAIL PROTECTED]>
Cc: <debian-user@lists.debian.org>
Sent: Wednesday, April 25, 2001 6:47 PM
Subject: Re: Does anyone know what this is ?
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> daytime, i'm not sure on.
daytime returns the system date and time. Eg:
beernut:~$ telnet localhost daytime
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Wed Apr 25 21:52:25 2001
Connection closed by foreign host.
- Kevin.
>
> chargen, as it's name suggests, generates characters
> echo, echos any characters it receives.
>
> there have been some really fun denial of service attacks back in the
> olden-days, caused by spoofing a tcp session and linking the echo and
> chargen ports together =)
>
> my whole builtin services section is commented out, so i don't worry about
> it.
>
> hope this helps.
>
> - -- Curtis Hogg [EMAIL PROTECTED]
> - ----------------------------------------------
>
> Quality control, n.:
> Assuring that the quality of a product does not get out of hand
> and add to the cost of its manufacture or design.
> - ----------------------------------------------
> Email 1 - [EMAIL PROTECTED]
> Email 2 - [EMAIL PROTECTED]
> WWW - [in transit]
>
> On Tue, 24 Apr 2001, will trillich wrote:
>
> > On Wed, Apr 18, 2001 at 11:58:26PM +0100, Gavin Hamill wrote:
> > > On Thu, 19 Apr 2001, Benj wrote:
> > >
> > > > I run top, and see this process:
> > > > 7705 0.0 % -discard [164.138.*.*]
> > > >
> > > > What is this process -discard ?? The IP (from which i've hidden the
last two
> > > > numbers) is totally unknown, its not my servers's or mine.
> > >
> > > discard is a TCP service provided by inetd itself which just ignores
any
> > > input fed to it. That IP is connecting to your machine and spewing
data
> > > into inetd. It's not harming your machine, but it will be wasting
> > > bandwidth.
> > >
> > > > Do you think I should kill it ?
> > >
> > > More than that, I'd disable discard, and it's friends daytime, echo,
and
> > > chargen in /etc/inetd.conf. then '/etc/init.d/inetd restart'
> >
> > okay, now for the Big Question -- "why"? i.e. is there a danger
> > in "offering" the 'daytime','echo', etc services from xinetd?
> >
> > --
> > DEBIAN NEWBIE TIP:
> > Looking to use your Debian machine as a FIREWALL? No problem!
> > Try "apt-get install ipmasq"... After you've got your
> > /etc/network/interfaces file set up properly, ipmasq will
> > save you lots of work, setting up firewall and routing
> > tables automatically.
> >
> > ...from [EMAIL PROTECTED]
> >
> >
> > --
> > To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> > with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP for Personal Privacy 5.0
> Charset: noconv
>
> iQA/AwUBOuaPH7HXK8DxaQMZEQLdXgCcDDaFW7OYn1wyjsq7PpLvMd7IeSAAoIBk
> YCex6J8OgLXYGoBYrl+W1w17
> =3Ax9
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
>
>
