Re: Livingston bugs...
Dave Andersen (angio aros.net)
Tue, 12 Sep 1995 14:50:55 -0600

Lo and behold, Jay 'Whip' Grizzard once said:

> I, personally, can't understand such a passive attitude on the part of
> Livingston -- I personally would call a bug where you can crash virtually
> anyone's network connection, from virtually anywhere in the world, to be
> a major bug. Maybe it's just me...

Because there's an easy solution to it which you've mentioned below:

> ObBugTraq: Apparently (at least, under limited testing), putting up a filter
> to prevent folks from getting to your login port from the outside world
> will protect you -- Except I don't _want_ to have to start filtering things
> out, and in some circumstances (backbone routers, etc), it's not exactly
> a viable option. Do YOU want to have the bandwidth of several T1's all
> running through a filter before they get off the router? No, thanks...

Not necessarily. Setting up a really simple filter to disallow telnets
to the portmaster itself is a very trivial option, and has been discussed
at _great_ length with many examples on the portmaster-users mailing list.
Something as simple as

----- Quote from Carl Rigneylivingston -----

add filter notelnet.in
set filter notelnet.in 1 permit 192.168.2.0/24 192.168.2.2/32 tcp dst eq 23 log
set filter notelnet.in 2 deny 0.0.0.0/0 192.168.2.2/32 tcp dst eq 23 log
set filter notelnet.in 3 permit
set ether0 ifilter notelnet.in
save all

If you're having problems with your dial-in users doing this, you can
block that too by adding the following RADIUS attribute:

Framed-Filter-Id = "notelnet"

------- end quote -----------

will solve that problem and any other possible "telnetting to the portmaster
and doing <blah blah blah>" problem.

-Dave Andersen

--
angio aros.net
Complete virtual hosting and business-oriented system administration
internet services. (WWW, FTP, email)
http://www.aros.net/
http://www.aros.net/about/virtual/
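
Added example, not part of the original message or of Livingston's documentation: a small Python model of the quoted notelnet.in filter, used to check which packets each rule catches and why rule 3 and the rule order matter. It assumes rules are evaluated in order with the first match winning and an implicit deny when nothing matches, and that 192.168.2.2 is the PortMaster's own address; the sample packets are constructed.

```python
import ipaddress

# The three rules from the quoted notelnet.in filter, transcribed as data.
# Fields: action, source net, destination net, protocol, destination port.
# None means "any".
NOTELNET_IN = [
    ("permit", "192.168.2.0/24", "192.168.2.2/32", "tcp", 23),
    ("deny",   "0.0.0.0/0",      "192.168.2.2/32", "tcp", 23),
    ("permit", None,             None,             None,  None),
]

def _in_net(addr, net):
    """True when addr falls inside net, or when the rule leaves net unset."""
    return net is None or ipaddress.ip_address(addr) in ipaddress.ip_network(net)

def evaluate(rules, src, dst, proto, dport):
    """Return (action, rule_number) for one packet.

    Assumption: rules are checked in order, the first match wins, and a
    packet matching no rule is denied (rule number 0 marks that case).
    """
    for number, (action, src_net, dst_net, r_proto, r_port) in enumerate(rules, 1):
        if (_in_net(src, src_net) and _in_net(dst, dst_net)
                and r_proto in (None, proto) and r_port in (None, dport)):
            return action, number
    return "deny", 0

# Constructed sample packets: (description, src, dst, proto, dport)
SAMPLES = [
    ("inside admin telnet to the box", "192.168.2.50", "192.168.2.2", "tcp", 23),
    ("outside telnet to the box",      "203.0.113.9",  "192.168.2.2", "tcp", 23),
    ("outside telnet to another host", "203.0.113.9",  "192.168.2.7", "tcp", 23),
    ("outside web traffic in transit", "203.0.113.9",  "192.168.2.7", "tcp", 80),
]

def report(rules=NOTELNET_IN):
    """Evaluate every sample packet and return (description, action, rule)."""
    return [(desc, *evaluate(rules, s, d, p, port)) for desc, s, d, p, port in SAMPLES]

if __name__ == "__main__":
    for desc, action, number in report():
        print(f"{action:6} by rule {number}: {desc}")
```

Under the stated assumption, dropping rule 3 turns the filter into a block on all transit traffic, and swapping rules 1 and 2 locks the inside network out of the telnet port as well.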