Firewall Wizards mailing list archives
Re: ZDNet Article: "Major Unix flaw emerges"
From: dbell <dbell () bway net>
Date: Tue, 2 Mar 1999 13:06:57 -0500 (EST)
On Mon, 1 Mar 1999, David C Niemi wrote:
http://www.zdnet.com/zdnn/stories/news/0,4586,2217922,00.html

Major Unix flaw emerges
Built-in bug lets hackers shut down ISPs at will, but Unix vendors don't seem overly concerned.
Note to the moderator: If you don't feel that this should be discussed on the list, please kill it. I copied the list because I thought it might be a legitimate topic of discussion.

This article contains a lot of FUD. This problem is NOT new. I could similarly publish an article with a headline something like "Buffer Overflows threaten unix and NT security!!!" People have known about both sorts of flaw for at least 15 years.

As the article indicates, it's not easy to launch an attack like this without making oneself easily detectible, and there are plenty of ways for a good unix admin to protect his machines (replace the default inetd with something that can limit the number of spawned processes, use stand-alone daemons that support this kind of limitation, like apache, etc.).

As far as firewalls go, they should not be listening on very many ports, and those that are open should have daemons listening on them which are well-designed enough not to make problems like this. Of course, it's up to the vendors to get this right, to some degree...

Finally, I don't know NT well enough to say whether or not it is vulnerable to something similar, but logically, it could be.

--
Daniel Bell
Heuer's Law: Any feature is a bug unless it can be turned off.
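
Added example, not part of the original message and not code from inetd or any replacement for it: a replay of the kind of limit the message describes, a cap on live spawned processes, extended here with a per-source cap as an assumption. The function name `admit`, the limits, and the connection records are constructed for illustration.

```python
import heapq
from collections import Counter

# Constructed sample: (arrival_second, service_seconds, source). Addresses are
# documentation ranges. One source holds six long-lived connections open while
# another makes two short requests.
CONNECTIONS = [(t, 60, "192.0.2.10") for t in range(6)] + [
    (4, 2, "198.51.100.7"),
    (70, 2, "198.51.100.7"),
]


def admit(connections, max_children, max_per_source):
    """Replay connection attempts and decide whether to spawn a child for each.

    A child is spawned only while fewer than max_children are running in total
    and the connecting source has fewer than max_per_source running.
    Returns a list of (arrival_second, source, decision) tuples.
    """
    live = []               # min-heap of (exit_second, source) for running children
    per_source = Counter()  # running children per source
    decisions = []
    for start, duration, source in sorted(connections):
        # Reap children that have exited by the time this connection arrives.
        while live and live[0][0] <= start:
            _, exited = heapq.heappop(live)
            per_source[exited] -= 1
        if len(live) >= max_children:
            decisions.append((start, source, "refuse: global cap"))
        elif per_source[source] >= max_per_source:
            decisions.append((start, source, "refuse: per-source cap"))
        else:
            heapq.heappush(live, (start + duration, source))
            per_source[source] += 1
            decisions.append((start, source, "spawn"))
    return decisions


if __name__ == "__main__":
    for label, per_source_cap in (("global cap only", 100), ("with per-source cap", 3)):
        print(label)
        for start, source, decision in admit(CONNECTIONS, 4, per_source_cap):
            print(f"  t={start:>2}s {source:<13} {decision}")
```

With only the global cap the machine stays up, but the short request at t=4 is refused because one source holds every slot; the per-source cap leaves a slot free for it.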