An nmap scan of the outside of our new CachFlow OS 3.1.16 systems reveals a process listening on port 137/udp. According to the vendor it "is open as a workaround for older versions of IE that would not run Java applets until name resolution for the server has occurred or timed out. CacheOS does not use or support netbios. The response sent to queries on this port are static "canned" responses and is only sent to improve the responsiveness of IE browsers using the Web Console." CacheFlow OS runs on the very well known x86 CPU instruction set which can be dug into by anyone with the time to do so. Buffer overflow or other vulnerabilities could exist. How to test? Using x86 assembler instructions to perform intrusions? A UDP port 137 listener on the outside interface is a concern. We ask the vendor for instructions how to turn it off. (No response yet.) We don’t administer the boxes from the outside. Comments? Find the best deals on the web at AltaVista Shopping! http://www.shopping.altavista.com
This archive was generated by hypermail 2b30 : Wed May 23 2001 - 09:29:56 PDT