Great Circle Associates Firewalls
(October 1993) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: System Security
From: Rens Troost <rens @ lorax . IMSI . COM>
Date: Thu, 28 Oct 1993 17:20:55 -0400
To: pmetzger @ lehman . com
Cc: Firewalls @ greatcircle . com, Neil Readwin <nreadwin @ micrognosis . co . uk>
In-reply-to: Your message of "Thu, 28 Oct 1993 14:39:47 EDT." <9310281839 . AA02642 @ snark . lehman . com>
Reply-to: rens @ imsi . com 
>>>>> On Thu, 28 Oct 1993 14:39:47 -0400, "Perry E. Metzger" <pmetzger @
 lehman .
 com> said:

  pmetzger> It might work, but you'd have to be tricky about it. Inode
  pmetzger> generation numbers are randomized when disks get built.
  pmetzger> However, the random number generators in question are
  pmetzger> rather poor and thus you can probably spoof the
  pmetzger> connections. There should be ways to do this sort of thing
  pmetzger> as well -- NFS is so low on security that I've never
  pmetzger> bothered to look at it in detail -- it would be like
  pmetzger> trying to look for new holes in a sieve.

fsirand is sufficiently effective that this sort of attack can only my
the most amazing dumb luck result yield surgical precision. On the
other hand, it can be quite effective at completely dismembering a
machine.

-Rens
References:
Indexed By Date Previous: Re: System Security
From: "Perry E. Metzger" <pmetzger @ lehman . com>
Next: Re: Firewalls Digest V2 #216
From: Fred . Lowe @ EBay . Sun . COM (Fred Lowe)
Indexed By Thread Previous: Re: System Security
From: "Perry E. Metzger" <pmetzger @ lehman . com>
Next: Re: System Security
From: jim @ Tadpole . COM (Jim Thompson)
Google
 
Search Internet Search www.greatcircle.com