[2786] in bugtraq
Re: Read only devices (Re: BoS: amodload.tar.gz - ...)
daemon@ATHENA.MIT.EDU (Chris A. Petro)
Mon Jun 24 03:31:46 1996
Date: Sat, 22 Jun 1996 16:48:07 -0400
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: "Chris A. Petro" <petroca@acasun.eckerd.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <199606211401.JAA16987@ihig1.att.att.com> from "Mark Riggins
Mark.Riggins@att.com" at Jun 21, 96 09:58:32 am
> This opens up new avenues of attack. (the server may now be
> susceptible to attacks from the inside.)
> An attacking system could answer NFS reads with its own
> data. Not a trivial attack, but I did read about it being done. If the
> hardened server is serving as a firewall platform it may not be able
> to trust *either* side.
I have source for something similar that spoofs yp passwd (or any NIS map)
entries. Nifty. I'm sure it could be modified quite easily. If anyone
is interested, I'll hunt it down and post it (this is bugtraq, after all).
I found it on the web somewhere, so it's not like it isn't already
available.
I haven't tried it, but the author seems quite knowledgeable, so I imagine
that it works :^)
_____________________________________________________________________________
Christopher Petro | -- Tampa Bay Media & Data Services --
813-547-2278 | * Complete hardware, software and networking solutions,
P.O. Box 2178 | including integration of technologies (eg., video or
Pinellas Park, FL | telephony and computers) and custom software
34664-2178 | * Professional audio, video and lighting systems