Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Standard & Poors security nightmare

From: dick () SEAMAN ORG (Richard Seaman, Jr.)
Date: Sun, 21 May 2000 08:19:11 -0500

On Sat, May 20, 2000 at 06:09:00PM -0500, Richard Seaman, Jr. wrote:
[snip]


Many of these problems still exist.  However, they have disabled at least
some unneeded services, including named, apache and sendmail.  samba is
still on, but unneeded.  Likewise for nfsd.  I have disabled both without
adverse effect.  World writeable directories and files are still a problem
(eg. /etc/rc.d/rc.local was world writeable).


One other thing I forgot about.  They have lots of stuff turned on in inetd.conf.
It can all be turned off without any ill effect on the MCSP function.

[snip]


For sat feed customers, I'd say that
changing the passwords, disabling samba and nfsd, and keeping the MCSP
"outside" interface behind a firewall on a "trusted network" will
reduce the vulnerabilities dramatically as compared to the MCSP setup
you analyzed.


Plus turn off inetd, or else turn off everything in inetd.conf you don't need.


--
Richard Seaman, Jr.        email: dick () seaman org
5182 N. Maple Lane         phone:    262-367-5450
Nashotah WI 53058            fax:    262-367-5852
Previous By Date Next
Previous By Thread Next

Current thread: