D. J. Bernstein: > Wietse Venema, BLURB, log_tcp 3.0, comp.sources.misc volume 23: > > Optional features are: access control based on pattern matching, and > protection against rsh and rlogin attacks from hosts that pretend to > have someone elses host name. Let's be reasonable. The claim obviously was to protect against known rshd/rlogind attacks, not against every attack anyone might ever conceive. In the course of maintaining tcpd I learned new things, and built that knowledge into the software so that other people would profit from what I had learned. In the process I helped to make systems less vulnerable to known attacks. However, no software can give total protection against every attack, known or yet to be discovered. If you read such a claim in my writing, then I apologize for not being clear enough. Wietse PS: It's an interesting attack, but I still haven't seen your analysis of the effects of NIS, NSCD, etc. cacheing.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:22:50 PDT