Package: minissdpd Version: 1.1.20120121-1 Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tiger automatic auditing software alerted me that minissdpd was listening on all network interfaces in the default configuration. I modified the config to specify the IP address of the interface to listen on, but Tiger still reports that minissdpd is listening everywhere. I only realized this after seeing attempts in my syslog by hackers probing the socket; obviously this service ought not to be listening on my Internet interface. But closing it in the obvious way didn't work. I did verify that minissdpd was running with the correct options: $ ps axl|grep minissdpd|grep -v grep 1 0 12411 1 20 0 3952 84 - Ss ? 0:00 /usr/sbin/minissdpd -i 192.168.0.44 Tiger's report: # Checking listening processes NEW: --WARN-- [lin002i] The process `minissdpd' is listening on socket 1900 (UDP) on every interface. - -- System Information: Debian Release: 7.4 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages minissdpd depends on: ii libc6 2.13-38+deb7u1 minissdpd recommends no packages. minissdpd suggests no packages. - -- Configuration Files: /etc/default/minissdpd changed: START_DAEMON=1 MiniSSDPd_INTERFACE_ADDRESS=192.168.0.44 - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlNibMEACgkQnN+41NpzKveWrQCeOpB72U5TlFvEBDn//uBlj2Fq fy0An16U0DlpAarxpMLQmdg8nDiHdHUd =QYYk -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
