Kernel Security Alert
The Wolf
codewolf@earthlink.net
Fri, 09 Jun 2000 23:28:49 -0700
Craig White wrote:
>
> >
> > "J.L.Francois" wrote:
> > >
> > > Haven't seen this posted on the list yet:
> > >
> > > http://sendmail.net/?feed=000607linuxbug
> > >
> > > Be Afraid!
> > >
> > > Jean Francois Sends...
> > > President & CEO - MagusNet, Inc., MagusNet.com,
> > MagusNet.Gilbert.AZ.US
> > > Director Of Managed Services OpNIX, http://www.opnix.com/
> > > ***********************Simply Better
> > Bandwidth****************************
> > > 602-770-JLF1 - Cellular, ICQ: 8137851
> > >
> > > _______________________________________________
> > > Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > Does this affect pople who do not allow services ouside??
> >
> > I am firewalling all ports for SYN packets.
> >
> > The Wolf
> > --
> Actually, my understanding is that this is a local exploit only...meaning
> that the firewall is not a factor.
>
> Wouldn't blocking the return of all SYN packets prevent masquerading from
> working?
>
> Craig
>
> _______________________________________________
> Plug-discuss mailing list - Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Not really.
I think only in ftp case it may be a factor. But there is a workaround.
--
"The questions is not if we are paranoid,
the question is if we are paranoid enough."