Vulnerability Development mailing list archives
Re: MacOS 8 Web Sharing known problems?
From: dan () VEGAS COM (dan)
Date: Fri, 11 Feb 2000 08:55:19 -0800
There is a program called Overdose that runs on Macs; it claims to kill the personal web server that came with 8.5. I haven't really played with it so I don't know if it works. The original place I downloaded it has since closed down. I am not sure if there are any mirrors that have it but send an email my way if you want to test it out and I'll try to get it to you.

Dan
Running MacOS9 I haven't had any problems. I just hit my G3 300 MHz running MacOS9 with all of the DoS tools I could find: OOB, Land, blat, UDP floods, TCP blast, ICMP floods etc. (pretty long list). Aside from bandwidth issues I didn't really even see a performance hit. This is all against the personal web server, not the fancier, very expensive server product. Some earlier versions of MacOS8 didn't handle certain floods very well, but Apple seems to have fixed this. Unpatched, MacOS can be used to amplify ICMP; see: http://www.securiteam.com/securitynews/Macintosh_computers_can_be_used_to_cause_massive_DoS_attacks_on_the_network__Patch_available_.html

As for security, there *might* be some dangers involved in access control -- apparently in order to enable user authentication for access to files in the "Personal Web Folder" you have to enable file sharing. (Not that I have any reason to believe the file sharing mechanisms are flawed; peer-to-peer file sharing is inherently dangerous.)

Something interesting though... when you enable web sharing, port 80 isn't the only thing listening. Also port 427 UDP and TCP magically appears. I don't know what these ports are, but does this mean that file sharing is implicitly enabled once you enable the web server? I don't know what these ports represent.

Since the personal web server doesn't support CGI, SSI, FrontPage or any server-side dynamic content for that matter, it does limit the type of attacks that can be done. There could be something within the PNF (Personal NetFinder); I get inconsistent results when playing with it. (Personal NetFinder automagically indexes all of the files in your web sharing directory, and lists them in a directory format == you can't hide files from public view.) For example, the string:

http://192.168.1.70/PNF:/..

doesn't allow me to query the PNF again when I try it from Communicator 4.7/Linux, but the PNF allows further queries when the same type of strings are done from the BeOS default browser, NetPositive. Odd.

Any ideas on port 427?

My apologies for the length of this message, I got carried away.

-Todd