Re: AOL on port 5190

[James Croall <jcroall () tis com>]

At 06:32 AM 9/18/98 -0500, Ferguson, Linwood wrote:
> Besides the generally bad idea of allowing what are likely to be
> personal use accounts....
>
> Are there known issues, vulnerabilities in opening up port 5190 to allow
> AOL access from inside -> out?

Well, the "AOL protocol" that you see on the wire running over TCP/IP
is the same thing thet you'd see if you tap your modem. As such it *does*
allow for an encapsulated IP connection. In other words, somebody could
connect to AOL via your firewall and have a network interface outside the
firewall.

I've been working on a PPP client that uses AOL's IP services -- it's a cheap
ISP, anywhere in the world.

- James