Re: [linux-security] Linux UNFSD Security Problems

From: Anthony C. Zboralski (franticat_private)
Date: Fri Aug 28 1998 - 09:39:15 PDT


    On Fri, 28 Aug 1998, A Mennucc1 wrote:
    
    > I propose this short script for people running Linux 2.0.
    >
    > It will use IP input firewalling to stop accesses to RPC services
    > but from a list of allowed hosts.
    
    knfsd is also vulnerable; here is another short script, "rpc-deny", for
    people using 2.1:
    
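    #!/usr/bin/perl -w
    
    # Base rule: log (-l) and DENY packets from any source to any destination.
    # The port and protocol of each RPC service are appended in the loop below.
    $rpcdeny = '/sbin/ipchains -A rpc-deny -l -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 ';
    $rpcinfo = "/usr/bin/rpcinfo";
    
    # Create the rpc-deny chain (this errors harmlessly if it already exists),
    # flush it, and send input arriving on ppp interfaces through it.
    system("/sbin/ipchains -N rpc-deny");
    system("/sbin/ipchains -F rpc-deny");
    system("/sbin/ipchains -A input -i ppp+ -j rpc-deny");
    
    # Fork: the child execs rpcinfo, the parent reads its output.
    open (RPCINFO, "-|") || exec($rpcinfo, '-p', 'localhost') ;
    while (<RPCINFO>)
    {
      # Skip the header line.
      next if /\s+program\s+vers/;
      # Columns are: program vers proto port name. Skip anything that does not
      # match, so only a known protocol and a numeric port reach the shell.
      next unless /(tcp|udp)\s+(\d+)\s+(\S+)\s*$/;
      ($proto,$port,$name) = ($1,$2,$3);
      print "Deny $name on $proto port $port\n";
      system("$rpcdeny $port -p $proto");
    }
    close(RPCINFO);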
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:00 PDT