geoffb Wrote: > On 4/21/06, Mark Lanctot wrote: > > geoffb Wrote: > > > PC requirements aside, presuming that you didn't put any security > in > > > place apart from router IP filtering at the both ends, that would > still > > > leave you open to whatever exploits your routers expose. For > example, > > > there's at least one router I read about a while back that shuts > down > > > and requires a hard boot if (a) IP filtering is on and (b) it > detects > > > more than a certain number of port scans from unauthorized IPs. > Means > > > that you have no music for the rest of the weekend, unless there > is > > > someone at home you can call to reset it. > > > > I believe what was referred to is IP filtering by SlimServer itself, > > i.e. Server Settings - Security - Block Incoming Connections. > > > > I suppose IP blocking at the router would eliminate all access > attempts > > to the SlimServer machine, from SlimServer clients or otherwise. > I'm > > wondering if it would offer any additional protection though - while > > the router would let traffic through SlimServer wouldn't respond to > any > > connection attempts. > > > > Ah, I see that I misread the original suggestion, although I have to > say, I don't think this changes the security issue. > Although it's unlikely, given the relatively few SS instances running > on the internet, wouldn't it be possible to spoof a source IP and > issue commands to the SS - presuming that you didn't care about the > return packets? > This is reaching into the realm of 'unlikely, so don't bother worrying > about it', but it's still a possiblity.
I'd say "unlikely" is a bit weak of a word. "Approaching impossible" is closer to it. If you can predict TCP Sequence Numbers, it is possible to send packets that appear to be from a trusted source, but you never get any return packets. To successfully cause damage by pretending to be a trusted slimserver client, the slimserver would have to be running on an OS with predictable TCP sequence numbers (Windows, MacOS X, and Linux are all quite secure in this regard) AND the attacker would have to know which source IP address was trusted, AND the attacker would have to know of a bug in slimserver that could be exploited in a way that causes damage, AND the slimserver would have to be running as a user on the host OS that had sufficient privileges to cause that damage. And besides all of that, slimserver just isn't that big of a prize for anyone to bother. There are far jucier and lower-hanging fruit. If you or your systems are of *that* much interest to someone, there are far easier ways to gain access or cause damage, one of which would be to attack PPTP. As implemented by Microsoft, PPTP is more of a security liability than Slimserver. -- rudholm ------------------------------------------------------------------------ rudholm's Profile: http://forums.slimdevices.com/member.php?userid=2980 View this thread: http://forums.slimdevices.com/showthread.php?t=23132 _______________________________________________ discuss mailing list [email protected] http://lists.slimdevices.com/lists/listinfo/discuss
