Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Livingston bugs...
From: angio () aros net (Dave Andersen)
Date: Tue, 12 Sep 1995 14:50:55 -0600


Lo and behold, Jay 'Whip' Grizzard once said:

I, personally, can't understand such a passive attitude on the part of
Livingston -- I personally would call a bug where you can crash virtually
anyone's network connection, from virtually anywhere in the world, to be
a major bug. Maybe it's just me...

   Because there's an easy solution to it which you've mentioned below:

ObBugTraq: Apparently (at least, under limited testing), putting up a filter
to prevent folks from getting to your login port from the outside world
will protect you -- Except I don't _want_ to have to start filtering things
out, and in some circuimstances (backbone routers, etc), it's not exactly
a viable option. Do YOU want to have the bandwith of several T1's all
running through a filter before they get off the router? No, thanks...

   Not necessarily.  Setting up a really simple filter to disallow
telnets to the portmaster itself is a very trivial option, and has been
discussed at _great_ length with many examples on the portmaster-users
mailing list.  Something as simple as

----- Quote from Carl Rigney @ livingston -----
add filter notelnet.in
set filter notelnet.in 1 permit 192.168.2.0/24 192.168.2.2/32 tcp dst eq 23 log
set filter notelnet.in 2 deny 0.0.0.0/0 192.168.2.2/32 tcp dst eq 23 log
set filter notelnet.in 3 permit
set ether0 ifilter notelnet.in
save all

If you're having problems with your dial-in users doing this, you can
block that too by adding the following RADIUS attribute:

        Framed-Filter-Id = "notelnet"
------- end quote -----------

will solve that problem and any other possible "telnetting to the
portmaster and doing <blah blah blah>" problem.

    -Dave Andersen

--
angio () aros net                Complete virtual hosting and business-oriented
system administration         internet services.  (WWW, FTP, email)
http://www.aros.net/          http://www.aros.net/about/virtual/



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault