Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1999: Re: Novell Pandora Hack

Re: Novell Pandora Hack

Iain P.C. Moffat (ipmhp.ufl.edu)
Tue, 13 Apr 1999 15:08:07 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Brumley: "aDSL routers"
Previous message: Sam Morris: "Re: Novell Pandora Hack - Filling the SYS Volume"
In reply to: Simple Nomad: "Re: Novell Pandora Hack"
Next in thread: Sam Morris: "Re: Novell Pandora Hack"

Yes this is why the console log (and any other log files for that
matter) should be redirected to a quota restricted directory or better
yet another volume "var" perhaps.  Hmmm...what a concept.  While
this is still less than ideal, it will at least minimize the impact.

-Iain

On 13 Apr 99, at 12:03, Simple Nomad wrote:

Much stuff Cut.....

> Of course spoofing the source of a Pandora attack can have other effects
> with these security measures in place, since you could fill up the SYS
> volume (stopping all server processing) with "invalid security signature"
> messages. There is no "last message repeated 200,000 times" log entry in
> Netware....
>
>     Simple Nomad    //
>  thegnomenmrc.org  //  ....no rest for the Wicca'd....
>     www.nmrc.org    //

*******************************************
Iain P.C. Moffat
College of Health Professions
University of Florida
E-mail:  ipmufl.edu
Voice:   352.392.0965
Fax:     352.392.6529
*******************************************

Next message: David Brumley: "aDSL routers"
Previous message: Sam Morris: "Re: Novell Pandora Hack - Filling the SYS Volume"
In reply to: Simple Nomad: "Re: Novell Pandora Hack"
Next in thread: Sam Morris: "Re: Novell Pandora Hack"