[nsp] tcp small servers not small enough
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Tue Oct 28 10:52:16 EST 2003
ED,
CORRECT. JUST BLOCK ACCESS TO TCP PORTS 13 & 19 IN ANY DIRECTIONS IF YOU
WANT TO HAVE THIS SERVICE
TRUNED ON. OR TRUN IT OFF COMPLETELY. ECHO AND DISCARD REALLY SERVE NO REAL
PURPOSE TODAY.
ANYWAY, WHY DO YOU WANT THEM ON. IS THIS A UNIX NETWORKING OR SERVER CLASS
OR TESTBED?
~v/r
Del Hudson
61CS/SCBN - LAAFB NCC
Network Architecture & Engineering Group
delbert.hudson at losangeles.af.mil
-----Original Message-----
From: Ed Ravin [mailto:eravin at panix.com]
Sent: Monday, October 27, 2003 5:58 PM
To: cisco-nsp at puck.nether.net
Subject: [nsp] tcp small servers not small enough
When I turn on "service tcp-small-servers" on my 7200 box with 12.2(17a),
these new ports appear:
7/tcp open echo
9/tcp open discard
13/tcp open daytime
19/tcp open chargen
I only want echo and daytime to be available. Is there any way, other
than ACLs on each interface, to disable them separately? I didn't see
anything in the command-line help for "service tcp-small-servers", which
appears to have no tunable settings other than the maximum number of
servers.
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list