Re: Linux inetd..

Darren Reed (avalon@COOMBS.ANU.EDU.AU)
Wed, 03 Dec 1997 14:31:23 +1100

Linux's accept behaviour has been that way (returning before the connection
gets to ESTABLISHED) for quite some time. You'll find even 1.2.x vulnerable
to that sort of scanning, maybe even 1.0.x.

One of the really annoying things about accept() behaving like this is
that the remote socket information can be gone before accept() has a
chance to store it in your `sockaddr_in', requiring a packet sniffer
of some variety before you know who/what/where is scanning your active
ports.

Darren