Re: analysis of auditable port scanning techniques

[Michael S Soukup <soukup () US IBM COM>]

-----BEGIN PGP SIGNED MESSAGE-----

Section 1.5.2 of this paper describes an attack termed the "FTP server bounce
attack".

The author states that AIX is vulnerable to this type of attack.

This is no longer true: this vulnerability was fixed some time ago in
AIX versions 4.1, 4.2, and 4.3. APARS containing the patches are available.

Many thanks,
Mike Soukup

************************************************
Michael Soukup
AIX Security Team Lead
AIX Security and Performance Tools Dept. (UD3A)
IBM Austin

Phone: (512) 838-0595
e-mail: soukup () us ibm com

Personal PGP KeyID: 1024/3C203F04
IBM Security Alert PGP KeyID: 1024/F5620AAF
************************************************

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQCVAwUBOlYe2wsPbaL1YgqvAQH5AgQAwfBLFR+ROd5jMCnxEJ0ANJYPDyRLgqT5
Kj/g6mLRsKqp0hTpMlldvx4gnHJ6CvFO5D8mdYvOtExbfGeTjzOLFEsJ/6gDVnNX
8GauvfVGHgmv7q7ITk7QrUwYLwxJgwX/vmWQrfyGH4qFZtZGF/wUpuXb2nO5Kvwd
t0vlqbLkBtU=
=TUqv
-----END PGP SIGNATURE-----