nanog mailing list archives

Re: Cisco says attacks are due to operational practices

From: adrian () creative net au
Date: Sat, 12 Feb 2000 03:07:25 +0800


On Fri, Feb 11, 2000, Bora Akyol wrote:


Unfortunately, ssh on linux regularly assigns ports when ssh'ing out from a box
below 1024, I think this is a bug, but make writing firewall commands annoying.

Bora


Its not a bug, its a leftover from rsh days - if the connection originates
from a port below 1024, you could assume *cough* that the credentials the
connection supplies are authentic, since the process needs to be root to
bind to ports < 1024.

This isn't a "but thats flawed!" discussion seed, take that to bugtraq.

There's a flag to ssh somewhere to stop it doing that. Yup, -P .




Adrian

Current thread:

Re: Cisco says attacks are due to operational practices, (continued)
- - - Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
    - Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
    - Re: Cisco says attacks are due to operational practices Majdi S. Abbas (Feb 10)
    - Re: Cisco says attacks are due to operational practices Jared Mauch (Feb 10)
    - Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
    - Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
    - Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
    - Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
    - Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
    - Re: Cisco says attacks are due to operational practices Bora Akyol (Feb 11)
    - Re: Cisco says attacks are due to operational practices adrian (Feb 11)
    - Re: Cisco says attacks are due to operational practices Adam McKenna (Feb 11)
    - Re: Cisco says attacks are due to operational practices Stephen Sprunk (Feb 11)
    - Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 11)
    - Re: Cisco says attacks are due to operational practices Vijay Gill (Feb 10)
    - Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
    - Re: Cisco says attacks are due to operational practices Wayne Bouchard (Feb 10)
    - Re: Cisco says attacks are due to operational practices Richard Steenbergen (Feb 10)
    - Re: Cisco says attacks are due to operational practices Marc Slemko (Feb 10)
  - Re: Cisco says attacks are due to operational practices Mark Milhollan (Feb 14)
- Re: Cisco says attacks are due to operational practices Sean Donelan (Feb 10)

(Thread continues...)