xinetd.d listening twice on port 69

Mark Sargent powderkeg at snow.email.ne.jp
Wed Apr 6 15:15:00 UTC 2005


David Curry wrote:

> Mark Sargent wrote:
>
>> David Curry wrote:
>>
>>> Andy Green wrote:
>>>
>>>>
>>>> But I am still bemused by the two listening sockets on the same port
>>>> being possible.  Maybe it is some kind of cool load balancing 
>>>> feature I
>>>> never heard of.  Can anyone else here explain how it can be?
>>>>
>>>> - -Andy
>>>
>>>
>>>
>>> May be this is a dumb question from a clueless neophyte, but does 
>>> the phenomenon constitute a security problem that needs to be 
>>> addressed?
>>>
>> Hi All,
>>
>> David, do you mean as to how the file /etc/xine.conf came to have the 
>> data regarding tftp.? It is rather interesting that it did, as I most 
>> certainly didn't add it. I even reproduced the installation process, 
>> of both the rpm install, and the original install, via yum, and 
>> neither add anything to the .conf of xinetd. They only add tftp files 
>> to xinetd.d. Cheers.
>>
>> Mark Sargent.
>>
> In part, yes.  The question had dual context.  One dimension was 
> whether your situation arose from being hacked.  The other more 
> general context was whther or not dual listening on a port presented 
> an opportunity for security exploit.
>
Hi All,

ok, I'm gonna go a little off-topic here, maybe. When I 1st started at 
this company 3mths ago, about the 2nd week,  I think, I posted a lot on 
Cisco's forums, as I was hired by a hardware reseller to reinstall/reset 
to defaults etc Cisco switches/routers. Now, I'm not a pro, as I was 
intro'd to this job by 2 friends, both CCNPs who work in IT here in 
Tokyo. They know the shop owner. Anyway, back to that 2nd week, and 
after I had posted something on Cisco's forum, I think perhaps the next 
day, I did a google for something that was similar to the post I had 
posted. Anyway, that post, or part of it, appeared as one of goolge's 
finds, only, that the post had this as the lead in to what "I" had 
"wrote". "If only my employer knew how long I was spending on the cisco 
forums". And the rest was from my post. Now, I thought, woah, what 
the.....but, well, just put it down to, well, something weird. Anyway, I 
don't know if it's related or not. My firm has no real data that is 
worth hacking, that I can think of, but, well, one never knows. My PC is 
running Firestarter and is also behind a router with it's firewall set. 
I've even tested it at the security testing sites. Ah, well, as I said, 
probably off-topic, eh. Cheers.

Mark Sargent.




More information about the users mailing list