[8917] in bugtraq

home help back first fref pref prev next nref lref last post

Re: ACC's 'Tigris' Access Terminal server security vunerability..

daemon@ATHENA.MIT.EDU (Patrik Backstrom)
Mon Jan 4 02:32:38 1999

Date: 	Mon, 4 Jan 1999 00:15:07 +0100
Reply-To: Patrik Backstrom <pb@TECHNO.ORG>
From: Patrik Backstrom <pb@TECHNO.ORG>
X-To:         Robert Thomas <rob@RPI.NET.AU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <368E254A.50614E49@rpi.net.au>

On Sun, 3 Jan 1999, Robert Thomas wrote:

I have almost daily contact with ACC's technicians, and i'll make sure
they receive the information, first thing tomorrow morning.

For now, a quick workaround is to restrict telnet access to only the hosts
(or networks) which should be allowed access. Also, it's a good idea to
restrict SNMP and HTTP access to the router.

Issue the following commands:

ADD ACCESS ENTRY <network> <netmask> 23 TELNET
ADD ACCESS ENTRY <network> <netmask> 80 HTTP
ADD ACCESS ENTRY <network> <netmask> 0 PUBLIC

Regarding source routing, it's only enabled if you have a source routing
entry for the physical port, like:

ADD SR PORT ENTRY ETHERNET 1 J7.1
SET SR PORT STATE 1 ENABLED

You can easily disable source routing for the port by typing

SET SR PORT STATE <num> DISABLED

To check if you have source routing configuration in the box, type:

SHOW SR

Hope this helps.

/pb

            [ Boycott Microsoft -- http://www.vcnet.com/bms ]

home help back first fref pref prev next nref lref last post