Home page logo

bugtraq logo Bugtraq mailing list archives

Re: RSI.0001.05-01-98.ALL.QUAKE_SERVER
From: jtb () PUBNIX ORG (jtb)
Date: Tue, 5 May 1998 12:10:25 -0400

That won't work either, as the advisory said that any ip address on the
Class C would do the trick.  This will however stop script kids from just
compiling and running the exploit, however if you really want to stop all
further successful exploits, you'll have to put in a ruleset to deny
packets from the entire class c.

On Tue, 5 May 1998, Mark Morgan wrote:

We've found that putting into the ip ban list on the server does
NOT work for this exploit, using Jeff's exploit for this.  Instead, we had to
us ipfwadm, to block incoming packets from this site, which did the trick(this
being under Linux).

Mark Morgan
Network Operations,
GI/GX Networks.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]