Port 7 is discard, a /dev/null for IP.
Port 19 is chargen which provides a character source.
Port 79 is finger.
The first two should be easy to implement and test to make sure
they are secure, but then who knows about the implementor. I've
never heard of an attack against either, but porly implementd ones
could be problems.
Finger in good implementations has ben made quite bulletproof as
far as being attacked against it's self. However it lets out
user account names, login information, etc. All can be used to
help attacks against other services, and password hacking. For
that reason alown I reject finger queries. Then any finger query
to my home system is really bogus as the machine you get isn't
the machine I login to normally.
A port it's self isn't the problem, it's the server that handles
the requests, and the OS that forwards data between the net and
the server that have the security holes in them.
--
| Bryan Andersen | [EMAIL PROTECTED] | http://softail.visi.com |
| Buzzwords are like annoying little flies that deserve to be swatted. |
| -Bryan Andersen |
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
