Linux tftp listens on all interfaces and IPs by DEFAULT Security Risk Hole Solution

Just edit your tftp file for xinetd like this:

*Change the IP to be the IP of the interface you want to listen on.

To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open.

Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available service
Oct 13 23:20:40 01 xinetd[26631]: START: tftp pid=26634 from=192.5.9.1

 

service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /tftpboot
        disable                 = no
        bind                    = 10.10.10.1
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}


Tags:

linux, tftp, listens, interfaces, ips, default, solutionjust, edit, xinetd, ip, interface, nc, yourip, var, syslog, oct, pid, socket_type, dgram, protocol, udp, user, server, usr, sbin, tftpd, server_args, tftpboot, disable, bind, per_source, cps, flags, ipv,

Latest Articles

  • How To Install OpenProject on Centos 7 Step-by-Step Guide
  • Ubuntu Debian Linux Cannot Install Wine Solution - wine1.6 : Depends: wine1.6-i386 (= 1:1.6.2-0ubuntu14.2) but it is not installable wine1.4 : Depends: wine1.6 but it is not going to be installed
  • How To Install python 3.4 3.5 and up on Linux with wine - Working Solution
  • using Xvfb on virtual remote ssh server to have X graphical programs work
  • ssh Received disconnect from port 22:2: Too many authentication failures
  • named bind errors - DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.'
  • OpenVZ vs LXC DIR mode poor security in LXC
  • httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load modules/libphp5.so into server: /lib64/libresolv.so.2: symbol __h_errno, version GLIBC_PRIVATE not defined in file libc.s
  • Radeon R3 GPU on Debian Crashing
  • MySQL 5.7 on Debian and Ubuntu - How To Reset Root Password
  • SSH and sshfs timeout settings keepalive
  • Linux How To Add User To Additional Group
  • Howto Set Static IP on boot in initramfs for dropbear or other purposes NFS, Linux, Debian, Ubuntu, CentOS
  • Convert and install to LUKS Encrypted Drive Ubuntu 18.04 19.10 Linux Mint and Debian Based Linux
  • Debian and Netplan
  • CentOS 8 how to restart the network!
  • CentOS 8 how to convert to a bootable mdadm RAID software array
  • ADATA USB Thumb Drive Issues
  • KMODE EXCEPTION NOT HANDLED - QEMU/KVM Won't Boot Windows 2016 or 10 Image or Physical Machine
  • Linux Mint / Ubuntu / Debian Mate Disable Guest Session and Hide Usernames on Lightdm Login screen GUI