Great Circle Associates Firewalls
(November 1995)
 


Subject: Re: Tightening up SunOS 5.4 (was Re: Hardened OS)
From: nreadwin @ london . micrognosis . com (Neil Readwin)
Date: Thu, 2 Nov 1995 04:34:45 +0000 (GMT)
To: smith @ sctc . com (Rick Smith)
Cc: firewalls @ greatcircle . com
In-reply-to: <199511012337 . RAA19827 @ shade . sctc . com> from "Rick Smith" at Nov 1, 95 05:37:30 pm

Rick Smith writes:
> Of course, RTM didn't use a C compiler to exploit the old fingerd
> buffer overrun vulnerability, just the fact that fingerd was running
> as root on most systems.

Ahem ... RTM did use a C compiler (to compile the grappling hook that
pulled over the rest of the worm) and it didn't require root (since the
worm made no efforts to exploit the fact that it was privileged and if
fingerd had been running as another user the worm would still have worked).

That said, I agree that if your firewall platform is a typical "Almost
C2" Unix then there is no point in stripping it down - if the bad guys
can get a login or just execute a shell script then you are toast. Neil.
-- 
 nreadwin @ micrognosis . co . uk       Phone: +1 908 855 1221 x519
 Anything is a cause for sorrow that my mind or body has made

