NTBugtraq And NTSecurity Archives: Re: Alert: Microsoft Securit

Re: Alert: Microsoft Security Bulletin (MS99-038) - Source Routing Patch


Peter da Silva (peterABBNM.COM)
Sat, 25 Sep 1999 10:14:55 GMT


In article <646436510D70D3118434009027ACB0FC043951main.aristasoft.com>,
Bill Stout <Bill.StoutARISTASOFT.COM> wrote:
> I notice the dead silence on the list about this, from my perspective this
> is a major issue.

It's a non-issue for most people with competent firewall setups. This is
why you have a screening router in front of the firewall and DMZ, that drops
things like source-routed packets, packets with "inside" source addresses,
and other curious goods. It's more of an issue with ISPs with colo setups
and shell or web servers that allow customers to run arbitrary scripts, and
god help them if they haven't already taken steps to deal with this kind of
exotic traffic.

Much as I enjoy bashing Microsoft, if you're exploitable because of this
hole you're probably exploitable in lots of other ways that are harder to
fix.

--
In hoc signo hack, Peter da Silva <peterbaileynm.com>
 `-_-'   Ar rug tú barróg ar do mhactíre inniu?
  'U`    "You are trapped in a maze of screens and ssh sessions all alike."
         "It is dark, and you are likely to log off the wrong account." -- Nep.



This archive was generated by hypermail 2.0b3 on Fri Oct 01 1999 - 12:37:42 CDT