[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: a shameless plug for RIIS
From: Mr Brian Meilak <meilak () fit ! qut ! edu ! au>
Date: 1996-06-19 9:54:27
[Download RAW message or body]
>From the README:
Replacement Internal Inetd Services
===================================
This small package contains replacement daemons for the 'trivial'
services provided by the inetd(8) super server. These services are:
echo RFC 862
discard RFC 863
chargen RFC 864
daytime RFC 867
time RFC 868
TCP and UDP versions are available.
The benefit of these daemons is that you can replace the internal inetd(8)
service daemons with ones that can then be wrappered by the tcp wrappers
program(See Related Software). This can provide you with an
early warning system against intruders probing these 'standard' ports
while still providing these services to allowed hosts. It also helps
you know what's going on on your network.
To defend against looping attacks on the host or between hosts,
the UDP versions have a command line parameter to specify the tests
that will be made on the reply port to see if it is a possible loop.
The offending connection, IP addresses and port numbers are logged
via syslog(3). The following tests are available:
Option Description
------ -----------
0 No reply UDP port checking is done.
All requests are accepted.
1 Reject if reply UDP port is an internal services port
ie: echo/discard/time/daytime/chargen
2 Reject if reply UDP port < 1024
3 Reject if reply UDP port is known by getservbyport().
getservbyport() gets its information from the file
/etc/services (and yellowpages/NIS if running).
(Do a "man getservbyport" to find out where your system
gets its port information)
4 Reject if reply UDP port < 1024 AND
reply UDP port is known by getservbyport().
5 Reject if reply UDP port < 1024 OR
reply UDP port is known by getservbyport().
6 Reject all requests and therefore log information
about the connection.
Distribution
============
The package can be found at:
ftp://ftp.fit.qut.edu.au/pub/security/riis.tar
ftp://ftp.fit.qut.edu.au/pub/security/riis.tar.gz
regards
brian
-----
Brian Meilak E-Mail: B.Meilak@fit.qut.edu.au
Senior Systems Programmer WEB : http://www.fit.qut.edu.au/staff/~brian
Faculty of Information Technology _--_|\
Queensland University of Technology / QUT
Box 2434, Brisbane 4001, AUSTRALIA \_.--._/
Room ITE616 Phone: +61 7 3864-2757 Fax: 3864-1959 v
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic