Vulnerability Development mailing list archives

Re: Ports 0-1023?


From: Mark Ruth <Mark.Ruth () gmx net>
Date: Thu, 4 Jul 2002 09:32:02 +0200 (MEST)

Hi,

did you ever think about the consequences if someone is able to set up a
fake sshd or telnet daemon? Do I hear "sniffing" from uid(nobody) gained
through new apache vuln?! (just for example, of course).

Attackers would find a way to kill a process local/remote and set up
their own progs. No need to change the tradition.


Is there any point in needing to be root in order to allocate the low
ports on unix-like systems, anymore?  Could we get away from having to
have some daemons even have a root stub in order to listen on a low
port?  What would break, and what new holes would be created?  Could
some sort of port ACL simply be used that says a particular UID can
allocate a particular range of ports?

Discuss.

                                                      BB

-- 
Mark Ruth
Unix Systems Administrator
New York, ksh-2 () markruth 2y net
