[1656] in linux-security and linux-alert archive
[linux-security] LPRng security
daemon@ATHENA.MIT.EDU (Miller, Raul D.)
Wed Oct 22 16:25:32 1997
From: "Miller, Raul D." <RDMiller@legislate.com>
To: linux-security@redhat.com, linux-security-request@redhat.com
Date: Wed, 22 Oct 97 06:15:00 PDT
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Olaf Kirch wrote:
> Note that restricting the valid range of ports to 512-1023 also
> stops FTP bounce attacks (bounce attacks don't apply if you install
> the most recent wu-ftpd fix).
[but client is not suid]
This looks like an ideal job for identd (or nis, if you trust it).
Note that you'd need to restrict access to hosts with meaningful
identd support.
Another option might be a map from host ip to user # (for single
user hosts), but this would be best dealt with by the author.
--
Raul
--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null