[no subject]
In most cases it's inetd (for telnet, ftp, etc.), and so if somebody found a vuln in inetd that let you exploit a closed port, for example (this is hypothetical, ppl), then hey presto, that port you closed is now a way in.
However, since ipchains/iptables rejects packets at the kernel level, it doesn't suffer from the fact that it's running in normal user/program space, and so makes things a lot, lot more difficult to exploit, crash, overflow, etc.
Also, in terms of server load it's better to use a packet filter, since every time a request comes in for port 23, inetd has to have a think and respond with closed; therefore the possibilities of a DoS come into play. However, since ipchains/iptables rejects the packets themselves, it won't cause this same case.
Hopefully that explains things; do a little searching on Google too and get more info, as I don't warrant I've written this perfectly!!
Regards,
Andy
andy@xxxxxxxxxx
http://www.raqpak.com/ <-- Raq/Qube unofficial PKGs and support advice
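One way to put the filtering the post describes into the kernel, as an added example that is not from the original message: a small POSIX shell script that builds iptables INPUT rules for the ftp and telnet ports (21 and 23 are the post's own examples; DRY_RUN, run, filter_ports and count_rules are names chosen here). With DRY_RUN=1 (the default) it only prints the rules; the comments note that REJECT still sends a reply packet, while DROP answers nothing at all.

```shell
#!/bin/sh
# Added example (not from the original post): kernel-level filtering for the
# ports the post mentions, so the packets never reach inetd.
# DRY_RUN=1 (default) prints the iptables commands instead of running them;
# DRY_RUN=0 as root applies them. Assumes iptables with the conntrack match.

DRY_RUN="${DRY_RUN:-1}"

# run: print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# filter_ports ACTION PORT...: emit/apply INPUT rules for each TCP port.
#   reject - answer with a TCP RST, the same visible result as a closed port
#            (still one reply packet per probe)
#   drop   - discard silently, no reply traffic at all
filter_ports() {
    action="$1"; shift
    # Keep loopback and replies to connections this host started.
    run iptables -A INPUT -i lo -j ACCEPT
    run iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    for port in "$@"; do
        case "$action" in
            reject) run iptables -A INPUT -p tcp --dport "$port" \
                        -j REJECT --reject-with tcp-reset ;;
            drop)   run iptables -A INPUT -p tcp --dport "$port" -j DROP ;;
            *)      echo "unknown action: $action" >&2; return 1 ;;
        esac
    done
}

# count_rules ACTION PORT...: how many per-port rules filter_ports emits.
count_rules() {
    filter_ports "$@" | grep -c -- '--dport'
}

# Default invocation: show the rules for ftp (21) and telnet (23).
filter_ports reject 21 23
```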