Date: Sun, 22 Jun 1997 16:52:17 +1000 From: Bruce Evans <bde@zeta.org.au> To: danny@panda.hilink.com.au, msmith@atrad.adelaide.edu.au Cc: freebsd-security@FreeBSD.ORG Subject: Re: Simple TCP service can hang a system (fwd) Message-ID: <199706220652.QAA23696@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> I've noticed that inetd doesn't check the source port for the request
>> to UDP simple services (echo, time, chargen, daytime).
>
>(note that this is Linux).
>
>FreeBSD ships with these disabled :
>...
>... so if you turn them on, you ought to understand this already 8)
Even if you turn them on, the loopback problem has been fixed for years:
RCS file: /a/ncvs/src/usr.sbin/inetd/inetd.c,v
Working file: inetd.c
...
----------------------------
revision 1.4
date: 1994/12/21 19:08:45; author: wollman; state: Exp; lines: +63 -17
Disable UDP service looping attack.
----------------------------
The example program is a long way from compiling under FreeBSD. Linux
apparently "cleaned up" the networking headers more than FreeBSD.
Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706220652.QAA23696>