|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Alert: IE 4.0 Security Zone compromise
Weed Whacker (whacker
PRONTOMAIL.COM)Wed, 21 Oct 1998 12:00:36 -0400
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Aleph One: "Sun Security Bulletin #00177"
- Previous message: Norbert Luckhardt: "Re: Alert: IE 4.0 Security Zone compromise"
- Maybe in reply to: Aleph One: "Alert: IE 4.0 Security Zone compromise"
About 10 days ago Novell was informed about their tcpip.nlm being vulnerable to the old chargen and echo denial of service attack. I tested and confirmed that Netware 4.11 and 5.0 running tcpip.nlm can be exploited, unless the admin has implemented IP packet filters to prevent servicing these ports (chargen and echo cannot be turned off - IP packets must be filtered). A description of the ancient exploit, along with the code that I downloaded and used for the test, is here: http://www.netcraft.com/presentations/interop/dos.html A Netware admin can implement IP packet filters (directions courtesy a first-rate netware admin): load inetcfg select protocols select tcp/ip enable filtering support exit (and save, of course) load filtcfg select tcp/ip select packet forwarding filters enable it press enter on filters use insert to install each filter (chargen and echo, udp and tcp) exit to the console prompt and type "reinitialize system" Later, Weed Whacker ______________________________________________________________ Get Your Free E-mail and Homepage at http://www.prontomail.com
- Next message: Aleph One: "Sun Security Bulletin #00177"
- Previous message: Norbert Luckhardt: "Re: Alert: IE 4.0 Security Zone compromise"
- Maybe in reply to: Aleph One: "Alert: IE 4.0 Security Zone compromise"