There was a message in Bugtrraq last week about security issues with
some Ascend products:
http://www.phenoelit.de/stuff/Lucent_Ascend.txt
...
[ Description ]
When sending a crafted UDP packet to the devices UDP discard
port (9), the device will answer with a packet containing
valuable information such as the host's name, MAC, IP address
of the Ethernet Interface, Serial number, device type and
installed features. By sending a packet with the SNMP WRITE
community, a remote attacker can change the devices IP
address, netmask or name.
...
I'm not sure if there's a work-around, but any traffic from outside
your local network to the IP of a NAS *should* be filtered out. No
one outside of your local network has any business poking your NAS.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
