[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: [linux-security] Linux UNFSD Security Problems
From: "Anthony C. Zboralski" <frantic () SCT ! FR>
Date: 1998-08-28 16:39:15
[Download RAW message or body]
On Fri, 28 Aug 1998, A Mennucc1 wrote:
> I propose this short script for people running
> Linux 2.0
>
> it will use ip input firewalling to stop accesses to RPC services
> but from a list of allowed hosts.
knfsd is also vulnerable, here is another short script "rpc-deny" for
people using 2.1:
#!/usr/bin/perl -w
$rpcdeny = '/sbin/ipchains -A rpc-deny -l -j DENY -s 0.0.0.0/0 -d
0.0.0.0/0 ';
$rpcinfo = "/usr/bin/rpcinfo";
system("/sbin/ipchains -N rpc-deny");
system("/sbin/ipchains -F rpc-deny");
system("/sbin/ipchains -A input -i ppp+ -j rpc-deny");
open (RPCINFO, "-|") || exec($rpcinfo, '-p', 'localhost') ;
while (<RPCINFO>)
{
next if /\s+program\s+vers/;
/(\S+)\s+(\S+)\s+(\S+)$/;
($proto,$port,$name) = ($1,$2,$3);
system("echo Deny $name on $proto port $port\n");
system("$rpcdeny $port -p $proto");
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic