-----BEGIN PGP SIGNED MESSAGE-----
David Talkington wrote:
>restrict default ignore
>restrict time.server.address nomodify
I confused my sources. time.server.address is the IP of the server
which yours trusts. Therefore, what the above should do is ensure
that only the server named in time.server.address will be able to run
the exploit against your target machine. Please note, however, that
the UDP protocol is easy to spoof, so this isn't much protection.
It's also worth noting that I haven't yet seen evidence of a
successful remote root entry via this buffer overflow. All we're
seeing so far are seg. faults and core dumps.
- -d
- --
David Talkington
Prairienet
[EMAIL PROTECTED]
PGP key: http://www.prairienet.org/~dtalk/dt000823.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6
iQEVAwUBOs41w71ZYOtSwT+tAQFiOQgA0v7cW23pn0zLnb2zXg3ytSxuBEZz/tlD
btrFjOLZEDRNUzWdDLsyJCSytrXQsc6obXZVAq6AGxc7SPMMROSotcSWuv004tmW
nkOstJfkHgk6ItsQLgQS9/ISl8naJHONYUqiasnl5iQ7Op8ZkyV35XBV3ziwC7aD
e4iNeuzN0ZCnxtJhjgtjgTwUGrRl8KGIdvOLI+P/t7ejzv9bdKhMyD/qrvFDqCD+
ZiFc/qkysj1v5ZK4BjBAR2k1EueoYft36QE5yKDJvsIDMeCEZ5NG4SsfRntvD6io
3aJlzavQQCZ1xqpaAs6XyP/lRnCoaKfr99JBxZCJbbc0d9FcKYCQKg==
=fxIi
-----END PGP SIGNATURE-----
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
