-----BEGIN PGP SIGNED MESSAGE-----
At 09:18 AM 2/9/98 +0200, Nerijus Krukauskas wrote:
> Hello,
>
> Maybe this is a stupid question, but anyway.. For what purposes or
>what applications use port 7?
> RFC1700 says:
>---
>echo 7/tcp Echo
>echo 7/udp Echo
>---
> Is this dangerous? If yes, how much?
>
The echo service, as someone mentioned could be used for
development/testing purposes. I personally know of no "production"
application that uses it. Echo is susceptible to all sorts of DoS attacks
and in general is an unnecessary component in any production-level server.
As a rule, I disable the echo, chargen, and discard services on any machine
I'm securing. I tend to take the model: if I don't need it, disable it,
since every service or daemon that I leave running that I don't strictly
need, is a potential security problem.
Habeeb.
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
^ Habeeb J. Dihu
-' `- Managing Senior Technologist
" ' ` " Cirrus Technologies
" ' ` "
" ' . ` "
" ' .' ` ` " 'I don't believe in the no-win scenario'
" ` ' `' " -- Captain James T. Kirk, Star Trek II: TWK
` ' _ _ ' 'There is an old Vulcan proverb, `Only Nixon
' could go to China.`'
-- Captain Spock, Star Trek VI: TUC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5.2
iQCVAwUBNN/ZtFTtNfTWxXdNAQGZ3QQAtRWJmdvQdDR/hiILbhLx8COBD1sTUynu
Cw3yhOB9CixajLBfRRYm/6ThY3ytevlLoyQbRe4IJNGmZDK4pC15GwmQkHpTS6MC
wxHwuzlLynYK7jfruKsn+rYU/5jbfByWTOSJmYhYDY5pfVaCFg+OxGwf/ECwaXfJ
AFhb2QjR88E=
=aZWC
-----END PGP SIGNATURE-----
References:
|
|
