NFR Wizards Archive: Re: AOL on port 5190


Dave O'Shea (daveosheaemail.msn.com)
Fri, 18 Sep 1998 19:17:10 -0500


>Besides the generally bad idea of allowing what are likely to be
>personal use accounts....
>
>Are there known issues, vulnerabilities in opening up port 5190 to allow
>AOL access from inside -> out?

AOL does create, through a tunneling protocol, an additional IP address on
the originating workstation, which can freely communicate (and be
communicated with) by anyone outside.

My experience is that it does *not* become the preferred address, but in
theory could be used to exploit an existing weakness on the 95 or 98 box. I
am thinking specifically that if some remote administration software
(Tivoli, Seagate, Platinum) was installed, that port could be scanned
externally, and if the person doing the scanning knew their stuff, they
could hijack the workstation.

The down side of restricting this is that it encourages users to sidestep
network security, by doing things like installing analog dial-out lines,
which have all kinds of security implications.

On balance, I think it's safer to allow users to access AOL, but warn them
of the possibility of security risks.


