Re: Internet Worm

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Norwell Louis Awson: "Internet Worm"
• Previous message: Jonathan M. Bresler: "Re: finger-bombing"
• In reply to: Norwell Louis Awson: "Internet Worm"
• Next in thread: Julian Assange: "Re: Internet Worm"

On Fri, 14 Oct 1994, Norwell Louis Awson wrote:
> Everyone seems to say "the bugs the worm exploited haven't been fixed yet".

The hole in which the worm exploited is fixed but it has spawn off lots 
of other idea for cracking. 

> Sendmail debug hole			fixed.. use Sendmail 8.6.9

Yes..it is fixed. But then remember the smail bug recently in how it 
handles ~/.forward file? Most of the idea of exploited the ~/.forward is 
indirectly coming from old sendmail bug.

> Vax finger stack overflow		fixed.. no fingerd presently uses
> 					gets()

Fingerd dont use gets(). but gets still exists in many system. Many 
programmers still used it in their application despite the warning. 

> Trusted hosts and 'r' commands	Not fixed.  Users will always be
>   					the hole in your system.  Get rid
> 					of any 'r' commands if this REALLY
> 					bugs you.

Getting rid for r(sh/login/cp...) application maybe pain in the neck. 
Enabled it may create backdoor for cracker. 

Anyway, what i did on my system is put a .rhosts file in every user 
directory. chmod 000 .rhosts and chown root .rhosts. Not all user needs 
.rhosts file. Those who wants to use them email me and i will chown back 
to them. (any problem with that? :-)

James Seng Ching Hong ~{W/Uq:j~}	
Technet Student Consultant, Technet Unit
Internet: jseng@solomon.technet.sg 

• Next message: Norwell Louis Awson: "Internet Worm"
• Previous message: Jonathan M. Bresler: "Re: finger-bombing"
• In reply to: Norwell Louis Awson: "Internet Worm"
• Next in thread: Julian Assange: "Re: Internet Worm"