[1656] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] LPRng security

daemon@ATHENA.MIT.EDU (Miller, Raul D.)
Wed Oct 22 16:25:32 1997

From: "Miller, Raul D." <RDMiller@legislate.com>
To: linux-security@redhat.com, linux-security-request@redhat.com
Date: Wed, 22 Oct 97 06:15:00 PDT
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

Olaf Kirch wrote:
> Note that restricting the valid range of ports to 512-1023 also
> stops FTP bounce attacks (bounce attacks don't apply if you install
> the most recent wu-ftpd fix).
[but client is not suid]

This looks like an ideal job for identd (or nis, if you trust it).
Note that you'd need to restrict access to hosts with meaningful
identd support.

Another option might be a map from host ip to user # (for single
user hosts), but this would be best dealt with by the author.

-- 
Raul

--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post