[14979] in bugtraq
Re: Standard & Poors security nightmare
daemon@ATHENA.MIT.EDU (Richard Seaman, Jr.)
Mon May 22 02:43:32 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <20000521081911.D2883@seaman.org>
Date: Sun, 21 May 2000 08:19:11 -0500
Reply-To: "Richard Seaman, Jr." <dick@SEAMAN.ORG>
From: "Richard Seaman, Jr." <dick@SEAMAN.ORG>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000520180900.B2883@seaman.org>; from dick@seaman.org on Sat, May 20, 2000 at 06:09:00PM -0500
On Sat, May 20, 2000 at 06:09:00PM -0500, Richard Seaman, Jr. wrote:
[snip]
> Many of these problems still exist. However, they have disabled at least
> some unneeded services, including named, apache and sendmail. samba is
> still on, but unneeded. Likewise for nfsd. I have disabled both without
> adverse effect. World writeable directories and files are still a problem
> (e.g. /etc/rc.d/rc.local was world writeable).
One other thing I forgot about. They have lots of stuff turned on in inetd.conf.
It can all be turned off without any ill effect on the MCSP function.
[snip]
> For sat feed customers, I'd say that
> changing the passwords, disabling samba and nfsd, and keeping the MCSP
> "outside" interface behind a firewall on a "trusted network" will
> reduce the vulnerabilities dramatically as compared to the MCSP setup
> you analyzed.
Plus turn off inetd, or else turn off everything in inetd.conf you don't need.
--
Richard Seaman, Jr. email: dick@seaman.org
5182 N. Maple Lane phone: 262-367-5450
Nashotah WI 53058 fax: 262-367-5852
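An added example, not code from the original post, that audits the two items this thread calls out on the MCSP box: which inetd.conf entries are still active, and which files or directories under /etc are world-writable. It runs against a constructed sample (the inetd.conf lines and the 0666 rc.local are made up here, not taken from the real system), so it works offline.

```shell
#!/bin/sh
# Added example (not part of the original post): audit active inetd.conf
# entries and world-writable paths, the two items the post recommends fixing.

# Print "service protocol server args" for each enabled inetd.conf entry,
# i.e. every non-blank line that is not commented out.
inetd_active() {
    awk '!/^[[:space:]]*#/ && NF >= 6 { print $1, $3, $6, $7 }' "$1"
}

# Number of enabled entries (the post recommends driving this to zero
# for anything the MCSP function does not need).
inetd_active_count() {
    inetd_active "$1" | wc -l | tr -d ' '
}

# World-writable files and directories under a tree, skipping sticky-bit
# directories such as /tmp, where o+w is expected.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 \
        ! \( -type d -perm -1000 \) -print | sort
}

# Build a constructed sample tree and print its path (caller removes it).
make_sample() {
    d=$(mktemp -d)
    cat > "$d/inetd.conf" <<'EOF'
# constructed inetd.conf sample; "shell" is commented out, three are live
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
    mkdir -p "$d/etc/rc.d"
    chmod 0755 "$d/etc" "$d/etc/rc.d"
    touch "$d/etc/rc.d/rc.local" "$d/etc/passwd"
    chmod 0666 "$d/etc/rc.d/rc.local"   # the world-writable file the post found
    chmod 0644 "$d/etc/passwd"
    echo "$d"
}

demo() {
    s=$(make_sample)
    echo "active inetd entries: $(inetd_active_count "$s/inetd.conf")"
    inetd_active "$s/inetd.conf"
    echo "world-writable under $s/etc:"
    world_writable "$s/etc"
    rm -rf "$s"
}

case "${1-}" in --demo) demo ;; esac
```

Run with `--demo` to see the sample audit; point `inetd_active` and `world_writable` at `/etc/inetd.conf` and `/etc` to audit a real host.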