[7791] in bugtraq

Re: [linux-security] Linux UNFSD Security Problems

daemon@ATHENA.MIT.EDU (Anthony C. Zboralski)
Fri Aug 28 13:34:20 1998

Date: 	Fri, 28 Aug 1998 18:39:15 +0200
Reply-To: "Anthony C. Zboralski" <frantic@SCT.FR>
From: "Anthony C. Zboralski" <frantic@SCT.FR>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19980828175516.A19325@Tonelli.sns.it>

On Fri, 28 Aug 1998, A Mennucc1 wrote:

> I propose this short script for people running
>  Linux 2.0
>
> it will use  ip input firewalling  to stop accesses to RPC services
> but from a list of allowed hosts.

knfsd is also vulnerable, here is another short script "rpc-deny"  for
people using 2.1:

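#!/usr/bin/perl -w

# Base DENY rule; the destination port and protocol are appended per service.
# Kept on one line: a newline inside this string would split the shell command.
$rpcdeny = '/sbin/ipchains -A rpc-deny -l -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0';
$rpcinfo = "/usr/bin/rpcinfo";

# Create (or flush) the rpc-deny chain and route ppp input through it.
system("/sbin/ipchains -N rpc-deny");
system("/sbin/ipchains -F rpc-deny");
system("/sbin/ipchains -A input -i ppp+ -j rpc-deny");

# Fork: the child execs rpcinfo, the parent reads its output.
open (RPCINFO, "-|") || exec($rpcinfo, '-p', 'localhost') ;
while (<RPCINFO>)
{
  next if /\s+program\s+vers/;   # skip the header line
  # Columns end with: protocol, port and (when known) service name.
  # Matching tcp/udp and a numeric port keeps the fields aligned when
  # rpcinfo prints no name, and validates them before they reach the shell.
  next unless /\s(tcp|udp)\s+(\d+)(?:\s+(\S+))?\s*$/;
  ($proto,$port,$name) = ($1,$2,defined $3 ? $3 : 'unknown');
  print "Deny $name on $proto port $port\n";
  system("$rpcdeny $port -p $proto");
}
close(RPCINFO);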
