<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER

Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER

From: jtb <jtb_at_PUBNIX.ORG>
Date: Tue, 5 May 1998 12:10:25 -0400

That won't work either, as the advisory said that any ip address on the
Class C would do the trick. This will however stop script kids from just
compiling and running the exploit, however if you really want to stop all
further successful exploits, you'll have to put in a ruleset to deny
packets from the entire class c.

On Tue, 5 May 1998, Mark Morgan wrote:

> We've found that putting 194.246.40.42 into the ip ban list on the server does
> NOT work for this exploit, using Jeff's exploit for this. Instead, we had to
> us ipfwadm, to block incoming packets from this site, which did the trick(this
> being under Linux).
>
> Mark Morgan
> Network Operations,
> GI/GX Networks.
>
Received on May 05 1998

This message: [ Message body ]
Next message: Christian Antkow: "Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER"
Previous message: Goran Gajic: "dip-3.3.7o security hole"
In reply to: Mark Morgan: "Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER"
Next in thread: Christian Antkow: "Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos