Vulnerability Development mailing list archives
Re: Apple Mac DoS
From: Martin Sunnerdahl <martin.sunnerdahl () SOC LU SE>
Date: Thu, 14 Dec 2000 17:59:10 +0100
At 16.59 +0100 00-12-14, Jurriaan Kamer wrote:
On Wed, Dec 13, 2000 at 09:54:58AM -0000, The Q wrote:- Ports open are testhost@testhost ]$ nmap 192.168.1.96 ## IP of a mac boxen Starting nmap V. 2.53 by fyodor () insecure org ( www.insecure.org/nmap/ ) Interesting ports on (192.168.1.96): (The 1521 ports scanned but not shown below are in state: closed) Port State Service 427/tcp open svrloc 548/tcp open afpovertcp Nmap run completed -- 1 IP address (1 host up) scanned in 8 secondsAs far as I know, there are no ports opened by default by Mac OS 9. I guess it's one of the programs running on the Mac-box causing the open ports, and also causing the DoS vulnerability.
548 is Apple Filesharing via TCP/IP (the updated variant of the old AppleTalk protocol). It is not on per default, but is easily (and quite often if the users are using appletalk to communicate with other Macs anywhere in the world) activated. I will try this ASAP and see what it results in. I'd say, though, that in a "MacUser Jones" environment, not even one in a 100 has this activated... /Martin
Current thread:
- Apple Mac DoS The Q (Dec 15)
- Re: Apple Mac DoS Jurriaan Kamer (Dec 15)
- Re: Apple Mac DoS Ian Stoba (Dec 15)
- Re: Apple Mac DoS Daniel J. Luke (Dec 15)
- Re: Apple Mac DoS Daniel Harrison (Dec 15)
- Re: Apple Mac DoS Martin Sunnerdahl (Dec 15)
- Re: Apple Mac DoS Ian Stoba (Dec 15)
- Re: Apple Mac DoS Daniel J. Luke (Dec 15)
- Re: Apple Mac DoS 3APA3A (Dec 15)
- Re: Apple Mac DoS Ian Stoba (Dec 15)
- <Possible follow-ups>
- Re: Apple Mac DoS Matteo,Marc A. (Dec 17)
- Re: Apple Mac DoS Daniel J. Luke (Dec 18)
- Re: Apple Mac DoS Matteo,Marc A. (Dec 18)
- Re: Apple Mac DoS Daniel J. Luke (Dec 18)
- Re: Apple Mac DoS Jurriaan Kamer (Dec 15)