xinetd.d listening twice on port 69
Mark Sargent
powderkeg at snow.email.ne.jp
Wed Apr 6 15:15:00 UTC 2005
David Curry wrote:
> Mark Sargent wrote:
>
>> David Curry wrote:
>>
>>> Andy Green wrote:
>>>
>>>>
>>>> But I am still bemused by the two listening sockets on the same port
>>>> being possible. Maybe it is some kind of cool load balancing
>>>> feature I
>>>> never heard of. Can anyone else here explain how it can be?
>>>>
>>>> - -Andy
>>>
>>>
>>>
>>> May be this is a dumb question from a clueless neophyte, but does
>>> the phenomenon constitute a security problem that needs to be
>>> addressed?
>>>
>> Hi All,
>>
>> David, do you mean as to how the file /etc/xine.conf came to have the
>> data regarding tftp.? It is rather interesting that it did, as I most
>> certainly didn't add it. I even reproduced the installation process,
>> of both the rpm install, and the original install, via yum, and
>> neither add anything to the .conf of xinetd. They only add tftp files
>> to xinetd.d. Cheers.
>>
>> Mark Sargent.
>>
> In part, yes. The question had dual context. One dimension was
> whether your situation arose from being hacked. The other more
> general context was whther or not dual listening on a port presented
> an opportunity for security exploit.
>
Hi All,
ok, I'm gonna go a little off-topic here, maybe. When I 1st started at
this company 3mths ago, about the 2nd week, I think, I posted a lot on
Cisco's forums, as I was hired by a hardware reseller to reinstall/reset
to defaults etc Cisco switches/routers. Now, I'm not a pro, as I was
intro'd to this job by 2 friends, both CCNPs who work in IT here in
Tokyo. They know the shop owner. Anyway, back to that 2nd week, and
after I had posted something on Cisco's forum, I think perhaps the next
day, I did a google for something that was similar to the post I had
posted. Anyway, that post, or part of it, appeared as one of goolge's
finds, only, that the post had this as the lead in to what "I" had
"wrote". "If only my employer knew how long I was spending on the cisco
forums". And the rest was from my post. Now, I thought, woah, what
the.....but, well, just put it down to, well, something weird. Anyway, I
don't know if it's related or not. My firm has no real data that is
worth hacking, that I can think of, but, well, one never knows. My PC is
running Firestarter and is also behind a router with it's firewall set.
I've even tested it at the security testing sites. Ah, well, as I said,
probably off-topic, eh. Cheers.
Mark Sargent.
More information about the users
mailing list