I just added UDP port scanning to the SATAN portion of our
testing service, and now find that a hole (not whole) new world is
showing up on the scans.
Does anyone know if there is a version of syslog that does not
run over UDP? Does anyone have a utility (similar to telnet?) that will
let me create UDP packets from shell scripts so I can test UDP attacks
from shell scripts? Is there a UDP wrapper of some sort that could be
judiciously applied (realizing of course that source information in UDP
packets is truly trivial to forge) by people wanting to close down UDP
I'm not completely certain, but I believe that anyone running
UDP on a real computer (not just a router) exposed to the Internet is
certain to be vulnerable to denial of service attacks of a wide variety.
Is three anyone who believes otherwise, and if so why?
P.S. I was talking about a router at Sysco, the major food distributor,
not Cisco the computer hardware company. Next time, I talk to someone
who's in charge of fire safety at Crisco and see what they say.
\Management /\/| 216-686-0090 - PO Box 1480, Hudson, OH 44236
\ /\/ | Check out info-security heaven and test your system
\/\ /\/ | for known vulnerabilities (1st time for free) at URL:
\/Analytics| (scans deeper than SATAN or ISS) http://all.net:8080
Read "Protection and Security on the Information Superhighway"
-just released by Wiley and Sons-