Bugtraq mailing list archives
Re: Re: COPS reporting unrestricted NFS exports under Linux
From: era () ucar edu (Ed Arnold)
Date: Mon, 6 Mar 1995 13:40:58 -0700 (MST)
Peter Sivo said:
I honestly don't have a handy document, but I remember reading somewhere that depending on how naive your system software is, if someone had a '#' mark in the /etc/hosts.equiv or /.rhosts files, I could change some records in my DNS maps and rename my machine like so: 3.100.212.129.in-addr.arpa IN PTR me.foo.com TO 3.100.212.129.in-addr.arpa IN PTR # (something like that) so that now my machine is renamed '#'. When your machine sees my machine coming in, and looks it up in DNS, it sees that my machine is named '#' and since that appears in the /etc/hosts.equiv or /.rhosts, it allows access.
It was my understanding that recent versions of BIND do not allow characters like '#' in hostnames. Is Linux delivered with an old BIND that does?
Current thread:
- Re: COPS reporting unrestricted NFS exports under Linux Karl Strickland (Mar 03)
- <Possible follow-ups>
- Re: COPS reporting unrestricted NFS exports under Linux Peter Sivo (Mar 05)
- Re: COPS reporting unrestricted NFS exports under Linux Patrick Horgan (Mar 05)
- Comments in /.rhosts (was Re: COPS reporting unrestricted NFS exports Christopher Samuel (Mar 07)
- Re: Re: COPS reporting unrestricted NFS exports under Linux Ed Arnold (Mar 06)
- Re: Re: COPS reporting unrestricted NFS exports under Linux Mike Shaver (Mar 06)
- how not to ship an O/S - more on Irix 5.2 anthony baxter (Mar 06)
- Re: Re: COPS reporting unrestricted NFS exports under Linux der Mouse (Mar 06)