Port 37

Networking/Security Forums -> Exploits // System Weaknesses

Author: snootalopeLocation: IA _ USA PostPosted: Fri Feb 14, 2003 5:05 pm    Post subject: Port 37
    ----
morning guys..
looks like Apache 1.3.26 running on Linix with more ports open then needs to be.. I see that port 37 is open, which is a "time" port.. I've searched for exploits on it, no go.. I did read that it is a weakness though.. anyone know anything relavent about a port 37 weakness?

Author: myhatisred PostPosted: Fri Feb 14, 2003 8:28 pm    Post subject:
    ----
I honestly don't think that you could do much with a time port

Author: dissolutions PostPosted: Fri Feb 14, 2003 8:39 pm    Post subject:
    ----
Can't you just block the port with your firewall?

Author: snootalopeLocation: IA _ USA PostPosted: Fri Feb 14, 2003 8:41 pm    Post subject:
    ----
why yes i could... but I'm looking at someone elses's web server.. Rolling Eyes

Author: Sgt_BLocation: Chicago, IL US PostPosted: Fri Feb 14, 2003 10:24 pm    Post subject:
    ----
From: http://www.net.ohio-state.edu/security/services/scan/iss-4.3.7/manual/appena.html

Linux Time Bomb

The inetd running the TCP time services, daytime (prot13) and time (port 37) will crash if you send excessive SYN packets. Once inetd crashes, all other services running through inetd will no longer work. The scanner attempts to exploit this vulnerability.

Caution! Exercised caution as the inet daemon may go down on a vulnerable host.

Risk: Medium

OS Vulnerable: Linux

Fix: Turn off the two services in TCP mode. Alternatively, switch to xinetd.


Either way, close this port.
Better yet, get a firewall in front of that webserver.



Networking/Security Forums -> Exploits // System Weaknesses


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group