Re: A major security issue?

On Fri, 21 Apr 2000, Adam Wendt wrote: > Thanks to all who answered, the article in the bugtraq archives seems to > give enough information. I think I'll use the S2=255 trick to fix it ... If you have the manual for your modem, you can also look for an S-register which controls "escape guard t

RE: A major security issue?

>up my ppp and i use if-up ppp0 to connect. So what file do I need to edit >to add S2=255? You should be able to do this with linuxconf as well, go to the PPP/SLIP section, select your interface, and then it's the first item in the "Comminucations" tab.

Re: A major security issue?

Good idea. I think there's an embellished version of those exploits, btw. Consider the following: +++ATH0DT19005551212 or some equivalent... Adam Wendt wrote: > Thanks to all who answered, the article in the bugtraq archives seems to > give enough information. I think I'll use the S2=255 tri

Re: A major security issue?

Thanks to all who answered, the article in the bugtraq archives seems to give enough information. I think I'll use the S2=255 trick to fix it but now I need to figure out where in all my config files I can change the modem initialization string. I use Redhat 6.2 and I used linuxconf to set up my p

RE: A major security issue?

ings to: everybody in #grhack, zerox who helped me find this exploit, Noc-Wage, nac, maffew and everybody else in #hackers all the Greek hackers. - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bob Bell Sent: Frida

Re: A major security issue?

the frame > I was looking at. Sorry about that. > > - -Original Message- > From: Bruce McCulley [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 21, 2000 11:17 AM > To: Mark McLaughlin > Cc: Adam Wendt; [EMAIL PROTECTED] > Subject: Re: A major security issue? >

RE: A major security issue?

- From: Bruce McCulley [mailto:[EMAIL PROTECTED]] Sent: Friday, April 21, 2000 11:17 AM To: Mark McLaughlin Cc: Adam Wendt; [EMAIL PROTECTED] Subject: Re: A major security issue? I found that URL gets me the Security Focus homepage, and whatever semi-intelligent web scripting they use stays with the

Re: A major security issue?

82 > > - -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > Behalf Of Adam Wendt > Sent: Thursday, April 20, 2000 11:22 PM > To: [EMAIL PROTECTED] > Subject: A major security issue? > > I've found that if I type +++ATH0 (thats ===ath0

RE: A major security issue?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Take a look at http://www.securityfocus.com/announcements/82 - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Adam Wendt Sent: Thursday, April 20, 2000 11:22 PM To: [EMAIL PROTECTED] Subject: A major

Re: A major security issue?

Get a different brand/model of your modem. Or disable the modem's escape mechanism. If you're technically inclined, you can also set the "escape" parameter of pppd to not transmit "+" as a single byte character. Modems are supposed to respond to the string "+++" only if its entered at "typing spe

A major security issue?

I've found that if I type +++ATH0 (thats ===ath0 with ATH being in caps and === being +++ (i'm very paranoid about typing it out)) in an email or icq message or irc chat or telnet or anything that is using my ppp0 connetion it will automaticly disconnect my modem and I have problems getting back o