Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Novell Pandora Hack

From: ipm () hp ufl edu (Iain P.C. Moffat)
Date: Tue, 13 Apr 1999 15:08:07 -0500

Yes this is why the console log (and any other log files for that
matter) should be redirected to a quota restricted directory or better
yet another volume "var" perhaps.  Hmmm...what a concept.  While
this is still less than ideal, it will at least minimize the impact.

-Iain

On 13 Apr 99, at 12:03, Simple Nomad wrote:

Much stuff Cut.....


Of course spoofing the source of a Pandora attack can have other effects
with these security measures in place, since you could fill up the SYS
volume (stopping all server processing) with "invalid security signature"
messages. There is no "last message repeated 200,000 times" log entry in
Netware....

    Simple Nomad    //
 thegnome () nmrc org  //  ....no rest for the Wicca'd....
    www.nmrc.org    //



*******************************************
Iain P.C. Moffat
College of Health Professions
University of Florida
E-mail:  ipm () ufl edu
Voice:   352.392.0965
Fax:     352.392.6529
*******************************************
Previous By Date Next
Previous By Thread Next

Current thread: