[1192] in bugtraq
Re: COPS reporting unrestricted NFS exports under Linux
daemon@ATHENA.MIT.EDU (Peter Sivo)
Tue Mar 7 00:44:25 1995
Date: Mon, 6 Mar 1995 08:47:39 +0800
From: peters@oes.amdahl.com (Peter Sivo)
To: karl@bagpuss.demon.co.uk, root@iifeak.swan.ac.uk
Cc: ch11mh@surrey.ac.uk, bugtraq@fc.net
> > I think this list has discussed the problems with having a hash
> > as the first character in /etc/hosts.equiv before. This is the standard
> > setup for Linux networking software.
> Does anyone have a handy document reference on this, then I'll go and get
> the starting # splatted for good if its a problem.
> Alan
I honestly don't have a handy document, but I remember reading somewhere
that depending on how naive your system software is, if someone had
a '#' mark in the /etc/hosts.equiv or /.rhosts files, I could change
some records in my DNS maps and rename my machine like so:
3.100.212.129.in-addr.arpa IN PTR me.foo.com
TO
3.100.212.129.in-addr.arpa IN PTR #
(something like that)
so that now my machine is renamed '#'. When your machine sees my machine
coming in, and looks it up in DNS, it sees that my machine is named '#'
and since that appears in the /etc/hosts.equiv or /.rhosts, it allows access.
Now, I have never done this and still wonder what brain-dead SW would parse
the /etc/hosts.equiv or /.rhosts file and take the # as not a comment, but
as an actual name (and be tricked into doing it), but hey...I'm just passing
on what I read awhile back (and maybe it is of no concern now).
Peter Sivo
Amdahl/Open Enterprise Systems
peters@oes.amdahl.com
