Shaun...
Let's add the ability to run a DMZ to the "next" version as well....
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
john burton
Midwest City, Oklahoma
-----Original Message-----
From: Shaun Moran [SMTP:[EMAIL PROTECTED]]
Sent: Monday, August 07, 2000 16:08
To: [EMAIL PROTECTED]
Subject: Re: [ShareTheNet] Woo Woo! Good Stuff about STN
Well - it can't - at least not these days - that is why the IP OPTIONS field
is so dangerous in TCP/IP packets because with IP OPTIONS you can tell the
remote box a different routing path that what it knows. All modern Firewalls
drop IP OPTIONS automatically these days.
Anyway - most attack/attackers dont care about the return of data - the
dangerous stuff is in the sending packet - not the receiving packet. (eg: If
I want to add a user to the /etc/passwd file via a buffer overflow - I dont
care about the succesfull/failure message - I just want to get the packet to
the remote machine. I'll know whether it worked by being able to telnet in)
Don't get me wrong - STN is good and the IP spoofing stuff I talked about my
not affect STN - I hav'nt had the time to test it. But from my brief
encounter with it the majority of STN's security is because of the minimal
services it runs - not because of any super intelligent Firewall script the
box users.
All I pointed out was the things that I would like to see fixed in the next
version to make the product even better.
Thanks - Shaun
----- Original Message -----
From: "Lyle Giese" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, August 07, 2000 11:36 PM
Subject: RE: [ShareTheNet] Woo Woo! Good Stuff about STN
> An interesting question there, Shaun. If I were to spoof an internal
> address, how does the STN box route packets back to me(the intruder), if
STN
> sends the packets back to that spoofed address(which is internal and not
> external)?
>
> Thanks in advance,
> Lyle
>
> -----Original Message-----
> From: Shaun Moran [mailto:[EMAIL PROTECTED]]
> Sent: Monday, August 07, 2000 3:59 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [ShareTheNet] Woo Woo! Good Stuff about STN
>
>
> Well I hav'nt tested it but if STN does not block against IP spoofing
> attacks then you have a potential vulnerability whenever there are rules
> based on source address alone.
>
> A potential example (but not likely) is that if the web admin portion of
STN
> is set to internal only then an external user could 'spoof' and Internal
IP
> address and set a web request/or modification of the STN box from the
> Internet - if he knew the username/password of course.
>
> The other security issues that I am aware of with STN are:
>
> - VERY old Version of BIND/NAMED (DNS) that is easily crashable - a
> reboot is currently required to fix this.
> - From memory the HTTPD server (THTTPD) that is used for web admin has
a
> vulnerability
>
> The REALLY nice thing I would like to see with STN is logging of dropped
> packets so you can SEE when someone is hacking/scanning you.
>
> Thanks
>
> Shaun Moran
> Security Engineer
>
begin 600 WINMAIL.DAT
M>)\^(BP6`0:0" `$```````!``$``0>0!@`(````Y 0```````#H``$(@ <`
M& ```$E032Y-:6-R;W-O9G0@36%I;"Y.;W1E`#$(`0V ! `"`````@`"``$$
MD 8`O $```$````1`````P``, (````+``\.``````(!_P\!````2P``````
M``"!*Q^DOJ,0&9UN`-T!#U0"`````%-H87)E5&AE3F5T0'1O<&EC82YC;VT`
M4TU44 !3:&%R951H94YE=$!T;W!I8V$N8V]M```>``(P`0````4```!33510
M`````!X``S !````%P```%-H87)E5&AE3F5T0'1O<&EC82YC;VT```,`%0P!
M`````P#^#P8````>``$P`0```!D````G4VAA<F54:&5.971 =&]P:6-A+F-O
M;2<``````@$+, $````<````4TU44#I32$%2151(14Y%5$!43U!)0T$N0T]-
M``,``#D`````"P! .@$````#`'$Z`````!X`]E\!````%P```%-H87)E5&AE
M3F5T0'1O<&EC82YC;VT```(!]U\!````2P````````"!*Q^DOJ,0&9UN`-T!
M#U0"`````%-H87)E5&AE3F5T0'1O<&EC82YC;VT`4TU44 !3:&%R951H94YE
M=$!T;W!I8V$N8V]M```#`/U?`0````,`_U\``````@'V#P$````$````````
M`D!>`02 `0`Q````4D4Z(%M3:&%R951H94YE=%T@(%=O;R!7;V\A($=O;V0@
M4W1U9F8@86)O=70@4U1.`/ /`06 `P`.````T <(``<`$0`Y`"H``0!;`0$@
M@ ,`#@```- '" `'`!$`.0`*``$`.P$!"8 !`"$````Q-T8R13E&1D%#-D-$
M-#$Q.40S.3 P,C Q.#(U,4%!1@`U!P$#D 8`' P``"(````+``(``0````L`
M(P```````P`F```````+`"D```````,`+@```````P`V``````! `#D`8*S9
MY,(`P $>`' ``0```#$```!213H@6U-H87)E5&AE3F5T72 @5V]O(%=O;R$@
M1V]O9"!3='5F9B!A8F]U="!35$X``````@%Q``$````6`````< `PN3._^GR
M&&RL$=2=.0`@&"4:KP``'@`># $````%````4TU44 `````>`!\,`0```!H`
M``!J8G5R=&]N0'-A;F1B;W@N9'EN:7 N8V]M`````P`&$+>8>)0#``<0<PD`
M`!X`"! !````90```%-(055.3$544T%$1%1(14%"24Q)5%E43U)53D%$35I4
M3U1(12).15A4(E9%4E-)3TY!4U=%3$PM+2T]+3TM/2T]+3TM/2T]+3TM/2T]
M+3TM/2T]+3TM/2U*3TA.0E525$].34D``````@$)$ $```#," ``R @``(0/
M``!,6D9UQ!GYN7<`"@$#`?<@`J0#XP(`8X)H"L!S970P( <3CP*#`% "\@]9
M5&%H`W'5`H,R$+Y7"'!K!) "@T(S#N=P<G$R#_DT*P-%#UE'"L!A!&!N9$T"
M@'T*@ C((#L);S+,-34"@ J!=6,`4 L#!F,`00M@;F<Q,#.+%"$/X%,/@'5N
M+AO@5PJB"H0*@$P/P"<$(&% 9&0@=&AE'2!B$0,0:71Y'6!O('+#&\ =("!$
M35H>(AUR`")N97AT(B!V'P20`) "(!T@!"!W96P^;!OA' L:-@+1$*%S,9 W
M("TM'!0M/2-_'R1*'!4:DA)2"_ X(&KT;V@#H&((<!XP"Y <(ZA-:60@D',%
M0$,=\? L($]K"V 1TB(C(2^9%!,Q-B%Z'> S-BDQO0-@= 60!4 B\"QQ3P40
M'F<+@ = != 'D'-A9_YE+',<%BP$*3,+,2P$`@!@:2TQ-#0!0!W@,1PX, %
M#- P$V(@1O4#83H,@V(;=070!; #D8!;4TU44#IS&Z).0!UQ!& RL7,N!:!M
M_ET<%3% !F ",#&G,I 70$)A*%%!=6=U)_$P+C<H8 '0,* @*K Z,+(X-)=4
M;S&J"7!4'8 %!\!T,Z!O<&EC86,T0C28=6)J+#$QIU),93HRX3D872 38&\[
M'D ](2$6T#TP'5!3=!YU`2 =H0A@!4!35$Y_+A\O*BN4%:(+\!6P'"-7*R"A
M(N @'? @.@!N)V<L41T@!4!L92!@!4!N]RP0'6(/L" V(00@0D =<#=#$00`
M((!H'A$=@4E0P2AP4%1)3TX%\"_@[R"@"S$<,D4!<QY -B :\!\$D A@!" +
M@!&@0U OJT6Q"K!C$Z!T!"!B!9#?&[!$$0/P'7!%JGD(8$*"_QU@0@(=<1P4
M"7 $8"P@)M#4;W@>D60&D&8$D#4Q]QY0/H$+@&=(H4G11+-%,.M$T@5 :T.@
M=S0P#_!"$:D$949I"7!W!T!L#T#U'"-D`V!P1:H;L!XP`, _3; Z`""P15-$
M%1P+06[^>5" 'A!"0 1@)_%#$ &0_4C0+U5D'_%$, (A0H$)<-\^51UR"7 ^
M$ 2A;SY -B#_`9!$@TNE1W@G\#XB10%($?\=<@^P%T!-Q$C20C%#I5>A,&-E
M:79;.$]P*&729SP0268<%$D@@ !P?T/!'D =,AZ@27$%P!\%+]D/P&,O"K $
M$'<=4"_@_T- '] ',!Z1)N!-`E@0'^'^9@D`!^!"0%YP5G(<%%;-1G,:`%R@
M<V9U(+ O?F8+< I 5N$'@2V"8I-J_S:B7I8MH%=46W4>,!P45W0K3#,`P6@+
M@&5/<$DG?T(13R)%(0_ '8 %P$)A=_<%L!.@'5!B'A!),$W"`:"?81$?`B"@
M'X!$X6XI'!K^1 (@0L%G,@> (( #8$W1]T) /L%$\F<]P@!P'51%L?QS<#TP
M+^!-T5GT7G !D&9L:V(^9&UY'!1#HF&?30$L06]B8J(/@'8G35'_#X =5$VP
M;K%L@R?Q'?!/</Y"/I$#4G*A)M (@5X%"?#_!: ;P"P@!<!)LT)A'7(`P'\F
MD 40'@%8(3[!'0$/L&/_"'$>`44!2398(7CS"X '</\'0!P47X%<T&2A0E(>
M841RWT.B>QD`<!X09'!P:M)X(?\@L"S@34)01D<P!01+ATR"_U]R4ZU"$5YP
M<.!_DAU0/H+O4( $('43:8%GA()#$5YQ]PA@1I!#,&D3H!XB#[ =D/TOX'AK
M<5J%'X(<%!_F'C%O`,"&0F>"`V!D&@`%0&5_'^ FP0_ >#$<"SE0`'!K_T1R
M&Y,I3B-1+'(H<"S=+&2G'!0Q8Q]@3'EA$4<(D)L/L!_ /%+@0T! ; 4`W311
M<#Z0BJ$T43Z+-3A@SY#0.0\Z$Y(U0V.2P3-?3Y(7-2,U[S;W,3HKL"#<4$V6
M53L%!_!%/!X]+_L^/XS+/@_P`Z!_D@EP)_"]3<)Q"E">P8BB:L%E*&#_&Y0]
M`%WPA9)-(89C<.)P$=^>5"T1G;8=,9ZA<RA@$=#_!^!6< >1'7)O8DR"38)G
MEN=)$4C!B,-E*!UR?Y$>8/T$@2DH8 :0EE4^UIX06O*_A(2E3D2S<--R(J,4
M*$4P_SGP>*%'\J(D<!-#H9VV'Y'YHC,I/YVUG;:+E4@1'3#V=@!P7* LG;:0
M(JX]+'__+8V>$(^T,CL:@V3@:4$#$/\>,#-/.C(B,F3@#^ TA9X0PY:_-JLS
M.C4Y#_"9!?^O`9*QDO\Z&;AAF8<\#YLO_YP_KH>=MD'S=$=UTH<2?B'_/I$&
MD&]3H]-^`PD`I>$MD/\+<2?Q<*FBAU5SA(,#H$JR_W1A'9&#D2P@`C ',1_0
M9.#_'X 7`!W%:H$?@!_AGZ0=(/]6X1Y@0T!0Q9X0I< /L(0!_P.@1T (<%R@
MHO8=( D`::%]KCU!R)D?D!<0"U =D"COP])#HH8B4N I1/)$M'ND_R"0,4 =
M,'P!@Y$`(" B6"#_IX]'$F?SK @"(%+D'H$#H+^MEE]D=_&%\1T`<.(G<!/^
M2:(;1;"BC7 3U+(>H-(R^PEPGR,O!;$$80:0.?'3!?^D&W:C2X>>$-B$6[/$
M$1V!_T\@!]$=<E]RLI '@&!T!;#_A ' 0'?Q#Z'-_KOA6!!JL_]Z661PH_.%
M<Q<0'2!0@%;A_U@A2;-O8KNQ,:"Q'3T`/0"P5D5265@0A?%6'_6!6"%"24Y$
M+TZZL/1%1%V01$8PT2!$MD-1_P,0'A %`"!@#X!L0D+QG;;_"7 &X$.Q10%Z
M<4TR4N';8O]041U1'D"&X8324Z;GE3%BYV61,^%%5$A4,R#IT'S2^5^1*%3P
M\^HX27%@T06Q_](X#X!0Q>P'R4OB/QV0F@#X04Q,Z# #`,SQA..%G^^&HN7W
M10$)`&>R<4W@6")_44%_4$:EGA!(MD=!2K93_$5%RA-',0> S<%$\@^ ^TC0
M3<$O!/ `< ,`3=%*L;_B+XNC_ZTR.;@(>G5%&O O:9&L0/^K&<$`!3 #`! 0
M``````,`$1 !````'@!"$ $````!``````````,`@!#_____0 `',+!_>='"
M`, !0 `(,+!_>='"`, !"P``@ @@!@``````P ```````$8``````X4`````
M```#``* "" &``````# ````````1@`````0A0````````,``X (( 8`````
M`, ```````!&`````%*%``#S%0``'@`3@ @@!@``````P ```````$8`````
M5(4```$````%````."XP- `````#`!2 "" &``````# ````````1@`````!
MA0````````L`&8 (( 8``````, ```````!&``````Z%`````````P`:@ @@
M!@``````P ```````$8`````$84````````#`!N "" &``````# ````````
M1@`````8A0```````!X`.( (( 8``````, ```````!&`````#:%```!````
M`0`````````>`#F "" &``````# ````````1@`````WA0```0````$`````
M````'@`Z@ @@!@``````P ```````$8`````.(4```$````!`````````!X`
</0`!````!0```%)%.B ``````P`--/TW``"?M(4`
`
end
--- Sponsor's Message --------------------------------------
TOO MUCH DEBT? Let this nonprofit help you lower your credit card
interest charges and consolidate your payments without a loan. If you
have $5000 in credit card debt, click here.
http://click.topica.com/aaaav5bz8Rp2bAfyICc/Edebt
------------------------------------------------------------
--
Visit http://www.ShareTheNet.com for info about ShareTheNet
Visit http://www.topica.com/lists/sharethenet for info about this list
________________________________________________________________________
Start an Email List For Free at Topica. http://www.topica.com/register
