Firewall Wizards mailing list archives
RE: Vulnerability Response (was: BGP TCP RST Attacks)
From: "Paul D. Robertson" <paul () compuwar net>
Date: Tue, 1 Jun 2004 15:35:49 -0400 (EDT)
On Tue, 1 Jun 2004, R. DuFresne wrote:
Strategically, I want to deal with it the right way- either removing the dependence on RPC (hey, all my Linux systems don't need network-based RPC anymore) or by getting the developers to give me better separation- MS is actually starting to do that with whatever-the-heck-the-next-bug-cluster-is-called.I do recall not long ago, some of these very same folks trying to work out how to do the same with SUN systems and RPC, which was then, a near nightmare iwth SUN's dependance or wish to depend upon RPC for many of it's services. One might have thought that would have been a clue for the redmond crowd to hook into by now?!
I did a kernel module once that bound daemon sockets to loopback, worked great for RPC services- but Sun's compiler hated me, so I ended up punting and doing the POC on Linux (this was before GCC was 64-bit clean on Sparc.) Logic went something like "if there's no controlling TTY, and you're trying to bind to if_any, then force the address for the call to loopback." I eventually added parent process checking- it was a fun little hack- unfortunately it only worked for things which went through the syscall table- guess what- in-kernel network filesystems on Linux don't. *sigh* Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Vulnerability Response (was: BGP TCP RST Attacks), (continued)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) R. DuFresne (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) Jim Seymour (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) Marcus J. Ranum (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) Paul D. Robertson (Jun 01)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) M. Dodge Mumford (Jun 01)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) Paul D. Robertson (Jun 01)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) Marcus J. Ranum (Jun 01)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) Paul D. Robertson (Jun 01)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) R. DuFresne (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) R. DuFresne (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) Paul D. Robertson (Jun 01)
- Re:Vulnerability Response (was: BGP TCP RST Attacks) Marcus J. Ranum (Jun 01)
- RE: Vulnerability Response (was: BGP TCP RST Attacks) Paul D. Robertson (Jun 03)
- Re: Vulnerability Response (was: BGP TCP RST Attacks) George Capehart (Jun 03)
- Re: Re: Vulnerability Response (was: BGP TCP RST Attacks) Gwendolynn ferch Elydyr (Jun 03)