Re: analysis of auditable port scanning techniques

2001-01-16 Thread D. J. Bernstein
Dan Harkless writes: Theo de Raadt just informed me via email that OpenBSD fixed their identd to only report SS_CONNECTOUT sockets in 1996. The MTA and the FTP server and many other daemons will make outgoing TCP connections upon request. This bogus ``fix'' does not achieve the stated goal of

Re: analysis of auditable port scanning techniques

2001-01-15 Thread Dan Harkless
Dan Harkless [EMAIL PROTECTED] writes: Rainer Weikusat [EMAIL PROTECTED] writes: Dan Harkless [EMAIL PROTECTED] writes: Using this grammar applied to the data we send to an arbitrary host piped to the ident/auth port will reveal the process owner running on a given port, even

Re: analysis of auditable port scanning techniques

2001-01-08 Thread Dan Harkless
Rainer Weikusat [EMAIL PROTECTED] writes: Dan Harkless [EMAIL PROTECTED] writes: Using this grammar applied to the data we send to an arbitrary host piped to the ident/auth port will reveal the process owner running on a given port, even though we initiated the connection. Uh, no.

Re: analysis of auditable port scanning techniques

2001-01-08 Thread dethy
Using this grammar applied to the data we send to an arbitrary host piped to the ident/auth port will reveal the process owner running on a given port, even though we initiated the connection. Dan Harkless writes: Uh, no. With properly-written ident daemons, such as pidentd, the daemon

Re: analysis of auditable port scanning techniques

2001-01-08 Thread Michael S Soukup
Section 1.5.2 of this paper describes an attack termed the "FTP server bounce attack". The author states that AIX is vulnerable to this type of attack. This is no longer true: this vulnerability was fixed some time ago in AIX versions 4.1, 4.2, and 4.3. APARS

Re: analysis of auditable port scanning techniques

2001-01-08 Thread Rainer Weikusat
Dan Harkless [EMAIL PROTECTED] writes: Using this grammar applied to the data we send to an arbitrary host piped to the ident/auth port will reveal the process owner running on a given port, even though we initiated the connection. Uh, no. With properly-written ident daemons, such as

Re: analysis of auditable port scanning techniques

2001-01-08 Thread John Ladwig
On Thu, 4 Jan 2001 20:32:01 -0800, Dan Harkless [EMAIL PROTECTED] said: Dan Guido Bakker [EMAIL PROTECTED] writes: 1.2.1 - reverse ident scanning This technique involves issuing a response to the ident/auth daemon, usually port 113 to query the service for the owner of