At 10:47 19/03/96 -0500, Robert Moskowitz wrote:
>At 02:11 PM 3/19/96 +0000, Jonathan Larmour wrote:
>>
>>If a bug compromises 192.0.0.1, and there _is_ an option somewhere to enable
>>IP forwarding, you can guarantee that in common off-the-shelf software like
>>Win95, or WinNT, it is conceivable for a hacker to find out where that
>>option is held in memory, and enable it.
>
>From my own struggles with NT, it is easy to set the registry for IP
>forwarding, but it takes a reboot for it to work in the IP kernel. There
>seems to be much more than fiddling with the memory to get the kernel to
>forward....

But is there a way to force a reset? Let's suppose you are using the box as
an ftp server. But then a bug allows you access to the ftpd on disk. So now
you can replace the ftpd with any old bit of code you can upload, which can
turn on IP forwarding and reboot the machine or whatever you want, just by
running FTP again. It's all conceivable.

Tata,
Jonathan L.
323 Cambridge Science Park, Origin UK, Cambridge, England. CB4 4WG.
Tel: +44 (1223) 423355 Fax: +44 (1223) 420724 E-mail: guess...
"Not every sad-eyed woman has loved and lost, she may have found him"