|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: distributed.net and seti
home
Subject: Re: distributed.net and setihome
From: Robert Wojciechowski Jr. (robertwWOJO.COM)
Date: Sat Jan 29 2000 - 16:58:19 CST
- Next message: Justin Lintz: "Re: distributed.net and setihome"
- Previous message: Seth R Arnold: "Re: distributed.net and setihome"
- Maybe in reply to: Seth R Arnold: "distributed.net and setihome"
- Next in thread: Blue Boar: "Re: distributed.net and setihome"
- Next in thread: Justin Lintz: "Re: distributed.net and setihome"
- Maybe reply: Robert Wojciechowski Jr.: "Re: distributed.net and setihome"
- Reply: Blue Boar: "Re: distributed.net and setihome"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
If the clients contact the server, the only way to exploit the clients is to
make the client contact your own server I suppose.
This could be done via changing DNS records manually on a upstream DNS
server, a hacked client, an entry in the hosts file, etc. The all require
pretty much elevated access to the network (admin status) or the computer,
in which case you don't have to use the distributed clients to hack into the
machine.
I think it is possible in some cases to insert a DNS cache entry into a DNS
server manually, and you can fool all the clients that use that DNS server
to contact your own server. Then you could send custom packets back to the
client to overflow it, etc.
That's about all I can think about right now. It's the weekend, and I am
going to be lazy ;)
- Robert
> ----- Original Message -----
> From: Seth R Arnold [SMTP:sarnoldwillamette.edu]
> Sent: Saturday, January 29, 2000, 5:14:58
> To: Robert Wojciechowski Jr.
> Cc: 'VULN-DEVSECURITYFOCUS.COM'
> Subject: Re: distributed.net and setihome
>
> Robert, (and list :) -- with distributed.net and setihome, I am not so
> concerned with open ports -- the client goes to the trouble of downloading
> input data all on its own, so an open port would be superfluous. (sp?)
>
> I am thinking more along the lines of a buffer overflow, or
> "u17r4-s3cr3t-31337-bckd00r", or something like that.
>
> My personal guess is both distributed.net and setihome are secure enough
> for most everyone's purposes. But, that is a guess, and I haven't seen
> anyone try to see if there is a way to get either of them to execute code
> through malformed (or perfectly-formed :) data downloads. It would make me
> feel a lot better if someone out there (whitehat :) would take the trouble
> to try to find holes to be exploited -- because I know of a LOT of
machines
> that could be compromised in extremely vulnerable positions -- all with
the
> blessings of system administrators trying to be politically active or just
> hoping to find aliens. :)
>
> Wouldn't it be annoying to wake up one day to find your whole organization
> has been 0wned as a result of running rc5 from distributed.net?
>
> I am not saying it would be easy, or even practical, but it might be worth
> checking into. :)
>
Robert S. Wojciechowski Jr.
robertwwojo.com
- Next message: Justin Lintz: "Re: distributed.net and setihome"
- Previous message: Seth R Arnold: "Re: distributed.net and setihome"
- Maybe in reply to: Seth R Arnold: "distributed.net and setihome"
- Next in thread: Blue Boar: "Re: distributed.net and setihome"
- Next in thread: Justin Lintz: "Re: distributed.net and setihome"
- Maybe reply: Robert Wojciechowski Jr.: "Re: distributed.net and setihome"
- Reply: Blue Boar: "Re: distributed.net and setihome"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sun Jan 30 2000 - 11:12:49 CST