Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: Insecurities in Non-exclusive Scoket Binding

From: David Wagner <daw(at)mozart.cs.berkeley.edu>
Date: Mon Mar 10 2003 - 23:49:57 EST

Firosh Ummer wrote:
>Socket hijacking itself is not new - it has been cited in several sources
>on the net. What I find disturbing is how easy it is for an attacker to
>hijack a privileged connection and then insert privileged commands,
>running with very low privileges.

This is an old, old story. I remember reading many years ago about this kind of attack on NFS. (NFS runs on port 2049.) You're right that it's an issue, and I don't know of any perfect defense. But then, most Unices are frankly not very secure against local privilege elevation attacks, so I wouldn't rely too heavily on standard Unix distributions to prevent non-root users from getting root anyway. (Maybe I'm alone in that last sentiment.) Received on Tue Mar 11 11:15:27 2003

This message: [ Message body ]
Next message: Oliver Friedrichs: "Re: Insecurities in Non-exclusive Scoket Binding"
Previous message: Ian Clelland: "Re: Some questions on DES Encryption..."
In reply to: Firosh Ummer: "Insecurities in Non-exclusive Scoket Binding"
Reply: Oliver Friedrichs: "Re: Insecurities in Non-exclusive Scoket Binding"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library