Great Circle Associates Firewalls
(September 1992)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: uucpd
From: Edward DeHart <ecd @ cert . org>
Organization: Computer Emergency Response Team : 412-268-7090
Date: Tue, 29 Sep 92 18:11:25 EDT
To: firewalls @ GreatCircle . COM

> > CERT recommends restricting the protocols for :
> >	.
> > uucpd			(540)
> >	.
> 
> Can somebody explain why this would be on the list?

In addition to what has been posted, several sites have reported breakins
due to uucpd being enabled by default in inetd.conf (Please check yours).
The sites had not planned to use UUCP and no effort had been made to change
the vendor's config files in the /usr/lib/uucp directory.

Thank you,
Ed DeHart
Computer Emergency Response Team
Internet E-mail: cert @
 cert .
 org
Telephone: 412-268-7090 24-hour hotline:
       CERT personnel answer 7:30a.m. to 6:00p.m. EST(GMT-5)/EDT(GMT-4),
       and are on call for emergencies during other hours.


Indexed By Date Previous: Re: X and firewalls
From: Amos Shapira <amoss @ cs . huji . ac . il>
Next: Re: SUMMARY: Why allow incoming telnet?
From: Michael Reilly / Network Systems Lab (NSL) <reilly @ PA . DEC . COM>
Indexed By Thread Previous: Re: So what is vulnerable? A list..
From: wietse @ wzv . win . tue . nl (Wietse Venema)
Next: Re: So what is vulnerable? A list..
From: Brent Chapman <brent @ GreatCircle . COM>

Google
 
Search Internet Search www.greatcircle.com