Bugtraq mailing list archives

Re: Re: COPS reporting unrestricted NFS exports under Linux

From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Mon, 6 Mar 1995 22:52:54 -0500

[...] I could change some records in my DNS maps and rename my
machine like so:

     3.100.212.129.in-addr.arpa    IN    PTR       me.foo.com
TO
     3.100.212.129.in-addr.arpa    IN    PTR       #

It was my understanding that recent versions of BIND do not allow
characters like '#' in hostnames.  Is Linux delivered with an old
BIND that does?


Is that "do not allow...'#' in hostnames" as in "do not accept zone
files with such names" or "do not accept replies containing such
names"?  Obviously, there is a big difference, and it seems likely to
me that the former is what was implemented, while it's the latter
that's important for our purposes here.  We must assume the attacker's
entire machine is overtly hostile; it may be running a hacked bind, or
it may be using something other than bind for DNS...either way, we must
assume it can produce DNS replies containing such names.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu

Current thread:

Re: COPS reporting unrestricted NFS exports under Linux Karl Strickland (Mar 03)
- <Possible follow-ups>
- Re: COPS reporting unrestricted NFS exports under Linux Peter Sivo (Mar 05)
- Re: COPS reporting unrestricted NFS exports under Linux Patrick Horgan (Mar 05)
  - Comments in /.rhosts (was Re: COPS reporting unrestricted NFS exports Christopher Samuel (Mar 07)
- Re: Re: COPS reporting unrestricted NFS exports under Linux Ed Arnold (Mar 06)
  - Re: Re: COPS reporting unrestricted NFS exports under Linux Mike Shaver (Mar 06)
  - how not to ship an O/S - more on Irix 5.2 anthony baxter (Mar 06)
- Re: Re: COPS reporting unrestricted NFS exports under Linux der Mouse (Mar 06)