Re: [Full-disclosure] Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation

2005-06-11 Thread Chris Umphress
> OK.  Fair enough, but at least some people found it "informative".  The
> technique described probably does affect many networking tools, as you
> stated, but one should ask if this is a proper coding technique or not
> (think secure code).  The input does not map to the expected output --
> and the user should have been told that the port number is out of range.
> Otherwise, what if he thinks 65571 is a valid port after executing that
> command?  He may be naive, but shouldn't the telnet programmer let him
> know that he is mistaken in his port choice?
> 
> As an analogy, it is also true that a C programmer could pull some nice
> tricks to optimize his code, but that code may confuse another
> programmer trying to understand it.  This is a system, like anything
> else, and things are based on give/take.  I don't see why allowing this
> to happen actually helps anyone but the telnet programmer -- because it
> could confuse many users.

Perhaps. If the user is using telnet (especially today), I would
generally assume they know a little bit about how their system works.
In today's world, sometimes we forget about memory and file size
optimizations. While telnet is not normally one of those files that
technicians try to cram onto their diagnostic Floppies/CDs, there
might be an occasion when it would be nice to save those few extra
bytes or kilobytes that these messages would take up.

While I don't disagree with you that user-friendly programs are nice,
there are times when other optimizations are favoured more.
-- 
Chris Umphress 
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation

2005-06-09 Thread Kristian Hermansen
On Thu, 2005-06-09 at 08:06 -0700, Etaoin Shrdlu wrote:
> For those of us actually looking at it as an
> early warning system, think of Nick as being a vocal representative of the
> majority of more senior security people on the list.

OK.  Fair enough, but at least some people found it "informative".  The
technique described probably does affect many networking tools, as you
stated, but one should ask if this is a proper coding technique or not
(think secure code).  The input does not map to the expected output --
and the user should have been told that the port number is out of range.
Otherwise, what if he thinks 65571 is a valid port after executing that
command?  He may be naive, but shouldn't the telnet programmer let him
know that he is mistaken in his port choice?

As an analogy, it is also true that a C programmer could pull some nice
tricks to optimize his code, but that code may confuse another
programmer trying to understand it.  This is a system, like anything
else, and things are based on give/take.  I don't see why allowing this
to happen actually helps anyone but the telnet programmer -- because it
could confuse many users.  That's my rant and I'm done -- the users who
did not know about this have been informed and that was the point of the
original notice.  My apologies to the "elite", who sit so highly upon
their horses and throw flames down from above ;-)
-- 
Kristian Hermansen <[EMAIL PROTECTED]>
Cisco Systems, Inc.
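
An added example (not code from the thread or from any telnet implementation) illustrating the point above about telling the user that a port is out of range. It assumes the usual cause of the behaviour, narrowing the parsed number to a 16-bit port; the names `port_truncating` and `port_strict` are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Lenient form: convert, then narrow to 16 bits. Anything above 65535
 * silently wraps modulo 65536, so "65571" becomes port 35. */
static uint16_t port_truncating(const char *arg)
{
    return (uint16_t)strtoul(arg, NULL, 10);
}

/* Strict form: returns 0 and stores the port on success, -1 unless the
 * whole argument parses (via strtol) as an integer in 1..65535. */
static int port_strict(const char *arg, uint16_t *out)
{
    char *end;
    long v;

    if (arg == NULL || *arg == '\0')
        return -1;
    errno = 0;
    v = strtol(arg, &end, 10);
    if (errno == ERANGE || end == arg || *end != '\0')
        return -1;              /* overflow, no digits, or trailing junk */
    if (v < 1 || v > 65535)
        return -1;              /* outside the 16-bit port range */
    *out = (uint16_t)v;
    return 0;
}

int main(void)
{
    /* Constructed sample arguments; 65571 is the value from the thread. */
    const char *samples[] = { "23", "65571", "65536", "-1", "23x", "" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t p = 0;
        if (port_strict(samples[i], &p) == 0)
            printf("%-6s strict: port %u\n", samples[i], (unsigned)p);
        else
            printf("%-6s strict: rejected (truncating form gives %u)\n",
                   samples[i], (unsigned)port_truncating(samples[i]));
    }
    return 0;
}
```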


Re: [Full-disclosure] Microsoft Windows and *nix Telnet PortNumber Argument Obfuscation

2005-06-09 Thread Etaoin Shrdlu
Kristian Hermansen wrote:
> 
> On Wed, 2005-06-08 at 15:04 +1200, Nick FitzGerald wrote:
> > This has been known since Adam was a cowboy.

He's right, you know.

> Although I don't believe that your claim is unlikely, it would have been
> nice to post a link to the original discovery to back it up.

This is just foolishness.

>  Everyone
> that I have shown this to, personally, has not seen it before.  And,
> after some google searching, I could not locate anyone else either that
> talked about this -- the closest thing was an old Microsoft telnet
> advisory that didn't mention this behavior specifically.

Link? Why would there be a "link" to show where the "original advisory"
was? You have just got to be kidding.

> With that said, I would like to ask anyone who has info about the
> original discovery to please post it here (Nick didn't respond to my
> email).  I am interested to know more about it, and maybe the original
> discoverer found other things as well...thanks

Original discovery??? Don't you work for Cisco? Try either the Stevenson or
Doug Comer 3-volume set on networking. That'd probably help. I realize that
there seem to be a *whole* bunch of folk that feel that FD is a playground
and learning environment. For those of us actually looking at it as an
early warning system, think of Nick as being a vocal representative of the
majority of more senior security people on the list.

Please, if your objective is to learn about the basics, do it *elsewhere*.

--
The command line is useful for people who like to communicate
with their computers with a *language*, GUIs are for people
who like to communicate by *pointing and grunting*
So who's the Neanderthal?  (J. J. Green)