OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Vuln-Dev Archives: Re: Administrivia #4883/flowpoints

Re: Administrivia #4883/flowpoints

Subject: Re: Administrivia #4883/flowpoints
From: jason storm (jmsNEGATION.NET)
Date: Fri Jan 14 2000 - 12:13:39 CST

On Fri, 14 Jan 2000, Marc Esipovich wrote:

> On Thu, 13 Jan 2000, jason storm wrote:
>
> > depending on the version OS your flowpoint runs, you can limit what ip's
> > can telnet in using the filter command. if you apply that feature
> > correctly, you effectively prohibit brute forcing the router pw. treat it
> > like cisco's access-list's retarded little brother and you wont be too
> > disapointed.
>
> Well, adding a short delay in the code which authenticates the password
> would make brute-force pretty painful and time-consuming.

true.. adding a 5 second delay might make it take longer but the attack
might well still go undetected unless one is in the habit of checking the
system history on the router, and i doubt the vast majority of flowpoint
owners do this. ultimately, delay code might turn a 1 day hack into a 1
week hack, but it probably wont stop someone dedicated from getting in.
id say the most efficient solution is the filter still.

-jason

This archive was generated by hypermail 2b27 : Fri Jan 14 2000 - 12:29:27 CST