Re: [nsp] UDP broadcast filters.

From: Craig A. Huegen (chuegen@quadrunner.com)
Date: Mon Mar 16 1998 - 13:56:19 EST


On Mon, 16 Mar 1998, Jared Mauch wrote:

==>> * Disable the internal troubleshooting services in machines, where
==>> possible. For UNIX boxes, comment the "echo" and "chargen" services in
==>> inetd.conf and restart inetd:
==>>
==>> #echo stream tcp nowait root internal
==>> #echo dgram udp wait root internal
==>> #chargen stream tcp nowait root internal
==>> #chargen dgram udp wait root internal
==>
==> Another thing to do is no service udp-small-servers
==>
==> You will have to reload for that command to do it's magic.

Correct, that's the equivalent for IOS to disable those.

However, you don't have to reload:

chuegen@chuegen-sun:6:~>telnet <router> 7
Trying <router>...
Connected to <router>.
Escape character is '^]'.

router(config)#no serv tcp-small-serv

chuegen@chuegen-sun:7:~>telnet <router> 7
Trying <router>...
telnet: connect to address <router>: Connection refused
telnet: Unable to connect to remote host: Connection refused

Same applies to UDP.
/cah



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:15 EDT