Vulnerability Development mailing list archives

Re: forged packets?

From: dufresne () WINTERNET COM (Ron DuFresne)
Date: Tue, 26 Oct 1999 09:54:39 -0500


What interestes me, is that if this series or warnings is valid, how not a
single linux security list has yet posted an advisory concerning this to
any of their lists, not the slackware, nor redhat, nor even suse lists.
Though, I guess it took a week or two for those lists to finally latch
onto the wu-ftpd advisory...

Thanks,

Ron DuFresne

On Mon, 25 Oct 1999, David Schwartz wrote:

Forgive me if Im asking a stupid question this issue has been bothering

   Any local user can send any packet to any host from most Linux
default

AFAIK, a local user ( root?) on a linux system if running nmap is able

Any further comments or corrections will be greatly appreciated to clear


      "Any local user" != "root"

      DS


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Current thread:

Re: FreeBSD listen(), (continued)
- - - Re: FreeBSD listen() Warren Young (Oct 28)
    - Re: ICQ 2000 Bernie Cosell (Oct 27)
    - Re: ICQ 2000 Ripple (Oct 26)
    - Re: ICQ 2000 Sean Burford (Oct 26)
    - stealth executables Brad Griffin (Oct 26)
    - Re: stealth executables Adolfo Soto (Sep 30)
    - [Fwd: ICQ 2000] Blue Boar (Oct 26)
    - Re: [Fwd: ICQ 2000] Brad Griffin (Oct 27)
    - Re: ICQ 2000 Blue Boar (Oct 30)
- Re: forged packets? David Schwartz (Oct 25)
  - Re: forged packets? Ron DuFresne (Oct 26)
- Re: forged packets? David Taylor (Oct 25)