Bugtraq: Re: Reminder for irix ppl

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Reminder for irix ppl

From: mcn () RIPOSTE ENGARDE COM (Mike Neuman)
Date: Thu, 15 May 1997 10:24:28 -0600

On a slightly different beat, perhaps SGI will consider changes the
default settings, in either case I'd be interested in finding out why it
is the default behavior.


  SGI (in IRIX 6.3) has a really nice interface which will allow you to turn
this feature on and off.

  Another warning: The "guest" account exists without password on every IRIX
system by default.

  One more: Beware the IPForwarding on/off checkbox on IRIX 6.3 (and possibly
others). It doesn't do a thing. A dual-homed SGI O2 running 6.3 clearly said
that IPForwarding was off, and was still forwarding my packets through to the
other side. The sysadmin who was running the machine had to modify a couple
scripts in /etc/init.d to fix the problem. I don't have any further details,
as I was busy breaking into other systems, not paying attention to how it was
fixed.:-) Anyway, if you have a dual-homed SGI, make sure it's not forwarding
by actually testing it rather than believing the GUI.

(And who said penetration testing wasn't a useful security service?) :-)

-Mike
mcn () EnGarde com
http://www.EnGarde.com/~mcn

By Date By Thread

Current thread:

Reminder for irix ppl Nafees Bin Zafar (May 14)
- Re: Reminder for irix ppl Mike Neuman (May 15)
- Vulnerability in Elm-ME+ John Goerzen (May 15)
  - Re: Vulnerability in Elm-ME+ Kari E. Hurtta (May 17)
  - Finally, most of an exploit for Solaris 2.5.1's ps. Joe Zbiciak (May 17)
    - Re: Finally, most of an exploit for Solaris 2.5.1's ps. Adam Morrison (May 19)
    - Re: Finally, most of an exploit for Solaris 2.5.1's ps. Joe Zbiciak (May 19)