Darren Reed writes:
>
> > This is yet another reason why you should disable echo, discard,
> > chargen, and any other inetd tcp/udp debugging service. It's
> > surprising how many people leave those in inetd.conf.
>
> Sorry, I missed out on the reason why we should disable discard.
> Would you mind explaining it? I thought it was like its namesake -
> a sink hole (blackhole if you like) for packets. Sort of like /dev/null.

tcp discard allows a "hostile" remote site to pump in a large amount of
traffic into your net, possibly congesting your link to the internet.

I think that it might actually be beneficial to leave udp discard active..
Turning it off won't stop people sending datagrams to it. In fact, turning
it off will cause your machine to send ICMP port unreachable messages...
ie: turning it off could help a malicious host generate *more* traffic on
your link.. But then again, they could send the datagrams to any damn port
they please and get an ICMP unreach port in return.

daytime/tcp is actually quite useful. I can't think of any reasons to
disable that one off the top of my head, but I guess daytime/udp could
also be vulnerable to a broadcast storm? After all, it replies to a UDP
address, which could easily be 255.255.255.255/daytime..

-Peter
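
Added example, not part of the original message: a small Python audit that lists which of the services named in this thread are still enabled in an inetd.conf, and marks the UDP ones that answer each datagram they receive. It assumes the classic whitespace-separated inetd.conf field layout; the sample config and the names `audit`, `SMALL_SERVICES` and `UDP_REPLIERS` are constructed for illustration.

```python
# Added example: audit inetd.conf text for the small "debugging" services
# discussed in the thread. SAMPLE is constructed for illustration.

SMALL_SERVICES = {"echo", "discard", "chargen", "daytime"}
# UDP services that answer every datagram, so they send traffic to whatever
# source address the datagram claims (discard never replies).
UDP_REPLIERS = {"echo", "chargen", "daytime"}

SAMPLE = """\
# constructed sample, classic inetd.conf field layout
echo     stream  tcp  nowait  root  internal
echo     dgram   udp  wait    root  internal
discard  stream  tcp  nowait  root  internal
#discard dgram   udp  wait    root  internal
#chargen stream  tcp  nowait  root  internal
chargen  dgram   udp  wait    root  internal
daytime  stream  tcp  nowait  root  internal
daytime  dgram   udp  wait    root  internal
ftp      stream  tcp  nowait  root  /usr/libexec/ftpd  ftpd -l
"""


def audit(conf_text):
    """Return one finding per enabled small-service line."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments / disabled entries
        fields = line.split()
        if len(fields) < 6:
            continue                          # blank or malformed line
        service, proto = fields[0].lower(), fields[2].lower()
        if service not in SMALL_SERVICES:
            continue
        is_udp = proto.startswith("udp")      # also matches udp4/udp6
        findings.append({
            "line": lineno,
            "service": service,
            "proto": proto,
            "replies_to_sender": is_udp and service in UDP_REPLIERS,
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        note = "answers each datagram" if f["replies_to_sender"] else "enabled"
        print(f"line {f['line']}: {f['service']}/{f['proto']} {note}")
```
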