Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: Is starting a user program on priv port via inetd dangerous ?

Re: Is starting a user program on priv port via inetd dangerous ?

jmcgnu.ai.mit.edu
Fri, 22 Jul 1994 14:19:45 -0400 (EDT)

>
>Your average BSD rlogind will check the port the connection comes from, so
>I assume they all do when they come from your trusty vendor, to make sure
>it is within the range 512 to 1024, or more precisely, the upper half of
>whatever it believes is the range for privileged ports to be (there's a
>kernel variable on Solaris2 for this...I'm curious about what happens when
>this becomes 0 :-)
>
>So straight away, this puts 194 out of the market.
>
>What if it were 594 ?
>

And then there's the case of tcp/ip implementations that come with no
such meaning, i.e. I can bind any port I want on those. IBM's tcp/ip
for VM does this, most PCs do this, etc. The problem with VM's is
that unlike the PC generally, it comes with a complete bsdish
networking library. So, it's relatively easy to spoof sockets from
these then, i.e. don't put mainframes in your .rhosts :-) (I have
seen people do this).

James
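
The source-port test and the caveat raised in this thread, as an added example that is not part of either message and not taken from any vendor's rlogind. The limit of 1024, the names `port_in_trusted_range` and `rhosts_verdict`, and the `os_enforces` flag (whether the peer's OS restricts low ports to privileged processes) are assumptions made for illustration; the peers are constructed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Assumed default: ports below 1024 are privileged on the local host. */
#define PRIV_PORT_LIMIT 1024
enum verdict { REJECT_PORT, REJECT_PEER_OS, ACCEPT };

/* Accept only the upper half of the privileged range: [limit/2, limit). */
static int port_in_trusted_range(const struct sockaddr_in *peer, unsigned limit)
{
    unsigned port = ntohs(peer->sin_port);   /* sin_port is network order */
    return port >= limit / 2 && port < limit;
}

/* Hypothetical policy layer: the port test carries meaning only when the
 * peer's OS reserves low ports for privileged processes. */
static enum verdict rhosts_verdict(const struct sockaddr_in *peer, int os_enforces)
{
    if (!port_in_trusted_range(peer, PRIV_PORT_LIMIT))
        return REJECT_PORT;
    if (!os_enforces)
        return REJECT_PEER_OS;   /* e.g. a host where any user binds any port */
    return ACCEPT;
}

/* Constructed peer; only the source port matters for this check. */
static struct sockaddr_in make_peer(unsigned short port)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    return sa;
}

int main(void)
{
    static const char *names[] = { "reject: port", "reject: peer OS", "accept" };
    struct { unsigned short port; int enforces; } t[] = {
        { 194, 1 }, { 594, 1 }, { 594, 0 }, { 1024, 1 } };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++) {
        struct sockaddr_in p = make_peer(t[i].port);
        printf("port %u, peer enforces=%d -> %s\n", (unsigned)t[i].port,
               t[i].enforces, names[rhosts_verdict(&p, t[i].enforces)]);
    }
    return 0;
}
```

The server cannot learn `os_enforces` from the connection itself; it stands in for the administrator's decision about which hosts belong in `.rhosts`.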