[10207] in bugtraq
Re: Novell Pandora Hack - Filling the SYS Volume
daemon@ATHENA.MIT.EDU (Sam Morris)
Wed Apr 14 13:13:08 1999
Date: Tue, 13 Apr 1999 13:38:27 -0600
Reply-To: Samuel_A._Morris@NOTES.UP.COM
From: Sam Morris <Samuel_A._Morris@NOTES.UP.COM>
To: BUGTRAQ@NETSPACE.ORG
You can put a limit on the maximum size of the error log file (SYS$LOG.ERR)
though..... This will stop it from filling the volume.
Sam
Of course spoofing the source of a Pandora attack can have other effects
with these security measures in place, since you could fill up the SYS
volume (stopping all server processing) with "invalid security signature"
messages. There is no "last message repeated 200,000 times" log entry in
Netware....
