[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: [linux-security] Linux UNFSD Security Problems
From:       "Anthony C. Zboralski" <frantic () SCT ! FR>
Date:       1998-08-28 16:39:15
[Download RAW message or body]

On Fri, 28 Aug 1998, A Mennucc1 wrote:

> I propose this short script for people running
>  Linux 2.0
>
> it will use  ip input firewalling  to stop accesses to RPC services
> but from a list of allowed hosts.

knfsd is also vulnerable, here is another short script "rpc-deny"  for
people using 2.1:

#!/usr/bin/perl -w

$rpcdeny = '/sbin/ipchains -A rpc-deny -l -j DENY -s 0.0.0.0/0 -d
0.0.0.0/0 ';
$rpcinfo = "/usr/bin/rpcinfo";


system("/sbin/ipchains -N rpc-deny");
system("/sbin/ipchains -F rpc-deny");
system("/sbin/ipchains -A input -i ppp+ -j rpc-deny");


open (RPCINFO, "-|") || exec($rpcinfo, '-p', 'localhost') ;
while (<RPCINFO>)
{
  next if /\s+program\s+vers/;
  /(\S+)\s+(\S+)\s+(\S+)$/;
  ($proto,$port,$name) = ($1,$2,$3);
  system("echo Deny $name on $proto port $port\n");
  system("$rpcdeny $port -p $proto");
}

[prev in list] [next in list] [prev in thread] [next in thread]