lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Sep 2003 10:17:12 -0700 From: Darren Pilgrim <dmp@...freak.org> To: 3APA3A <3APA3A@...URITY.NNOV.RU> Cc: bugtraq@...urityfocus.com Subject: Re: 11 years of inetd default insecurity? On 2003.09.06 18:08:22 +0400, 3APA3A <3APA3A@...URITY.NNOV.RU> wrote: > II. Who is vulnerable > > Any system shipped with network daemons launched through inetd > (FreeBSD, SuSE, Red Hat, etc.). FreeBSD doesn't run anything through inetd by default. You have to manually edit inetd.conf to enable anything, and there is a warning screen during the install process about doing so. Additionally, FreeBSD's stock inetd has the following options: -c maximum Specify the default maximum number of simultaneous invocations of each service; the default is unlimited. May be overridden on a per-service basis with the "max-child" parameter. -C rate Specify the default maximum number of times a service can be invoked from a single IP address in one minute; the default is unlimited. May be overridden on a per-service basis with the "max-connections-per-ip-per-minute" parameter. -R rate Specify the maximum number of times a service can be invoked in one minute; the default is 256. A rate of 0 allows an unlimited number of invocations. -s maximum Specify the default maximum number of simultaneous invocations of each service from a single IP address; the default is unlimited. May be overridden on a per-service basis with the "max-child-per-ip" parameter.
Powered by blists - more mailing lists