Bugtraq mailing list archives
Re: Novell Pandora Hack
From: ipm () hp ufl edu (Iain P.C. Moffat)
Date: Tue, 13 Apr 1999 15:08:07 -0500
Yes this is why the console log (and any other log files for that matter) should be redirected to a quota restricted directory or better yet another volume "var" perhaps. Hmmm...what a concept. While this is still less than ideal, it will at least minimize the impact. -Iain On 13 Apr 99, at 12:03, Simple Nomad wrote: Much stuff Cut.....
Of course spoofing the source of a Pandora attack can have other effects with these security measures in place, since you could fill up the SYS volume (stopping all server processing) with "invalid security signature" messages. There is no "last message repeated 200,000 times" log entry in Netware.... Simple Nomad // thegnome () nmrc org // ....no rest for the Wicca'd.... www.nmrc.org //
******************************************* Iain P.C. Moffat College of Health Professions University of Florida E-mail: ipm () ufl edu Voice: 352.392.0965 Fax: 352.392.6529 *******************************************
Current thread:
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight, (continued)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Olaf Kirch (Apr 09)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Mark Crispin (Apr 09)
- Re: ipop3d (x2) / pine (x2) / ... GvS (Apr 11)
- Re: ipop3d (x2) / pine (x2) / ... Thomas Roessler (Apr 12)
- [support_feedback () us-support external hp com: Security Bulletins Patrick Oonk (Apr 13)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Mark Crispin (Apr 09)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight Olaf Kirch (Apr 09)
- Patrol security bugs fcosta (Apr 09)
- Re: ipop3d (x2) / pine (x2) / Linux kernel (x2) / Midnight M.C.Mar (Apr 09)
- New Novell Remote.NLM Password Decryption Algorithm with Exploit dreamer () RELIA NET (Apr 09)
- Novell Pandora Hack Jeremy M. Guthrie (Apr 12)
- Re: Novell Pandora Hack Simple Nomad (Apr 13)
- Re: Novell Pandora Hack Iain P.C. Moffat (Apr 13)
- aDSL routers David Brumley (Apr 13)
- Re: aDSL routers Derek Vadala (Apr 14)
- aDSL routers Brad Zimmerman (Apr 14)
- Re: aDSL routers Truman Boyes (Apr 14)
- New Novell Remote.NLM Password Decryption Algorithm with Exploit dreamer () RELIA NET (Apr 09)