From owner-freebsd-security  Sun Nov 22 22:48:16 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA04144
          for freebsd-security-outgoing; Sun, 22 Nov 1998 22:48:16 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from alive.znep.com (207-178-54-226.go2net.com [207.178.54.226])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA04139
          for <freebsd-security@FreeBSD.ORG>; Sun, 22 Nov 1998 22:48:13 -0800 (PST)
          (envelope-from marcs@znep.com)
Received: from localhost (marcs@localhost)
	by alive.znep.com (8.9.1/8.9.1) with ESMTP id WAA09984;
	Sun, 22 Nov 1998 22:44:32 -0800 (PST)
	(envelope-from marcs@znep.com)
Date: Sun, 22 Nov 1998 22:44:32 -0800 (PST)
From: Marc Slemko <marcs@znep.com>
To: Don Lewis <Don.Lewis@tsc.tdk.com>
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Would this make FreeBSD more secure?
In-Reply-To: <199811220523.VAA00366@salsa.gv.tsc.tdk.com>
Message-ID: <Pine.BSF.4.05.9811222233240.19474-100000@alive.znep.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 21 Nov 1998, Don Lewis wrote:

> On Nov 17,  9:31am, Marc Slemko wrote:
> } Subject: Re: Would this make FreeBSD more secure?
> 
> } Say, for example, you have a MX record pointing to a server that does have
> } privileged ports.  That means that, even if the mail server does crash or
> } stop listening on the port, any old user can't just bind to the port and
> } steal mail.
> 
> Even better would be to quickly make enough connections to tcp port 23
> (telnet) so that inetd decides this service is looping and shuts it down.
> Then you can bind a socket to port 23 and harvest user names and passwords.

Right, there are lots of ways to do this sort of thing.  sendmail does it
too, by default, if you push the load average too high, which is esay to
do.

Although you should note that a while ago, after I pointed out how easy
this sort of thing is, Theo de Raadt implemented (after a few false starts
I think) a change in OpenBSD inetd that doesn't close the socket, just
starts accepting then dropping connections to it.  I think this change was
finished, although it may not have been.

It is arguable if this is a good or bad thing.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message