3.3.37 /etc/inetd.conf - discard

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This entry starts the discard service when required. This service is used as a debugging tool by setting up a listening socket which ignores the data it receives.

The discard service is used as a debugging and measurement tool. It sets up a listening socket and ignores data that it receives. This is a /dev/null service and is obsolete. This can be used in DoS attacks and therefore, must be disabled.

Solution

In /etc/inetd.conf, comment out the discard entries-

chsubserver -r inetd -C /etc/inetd.conf -d -v 'discard' -p 'tcp'

See Also

https://workbench.cisecurity.org/files/528