[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: Console server probes from outside

Bryan Stansell bryan@conserver.com
Thu, 20 Jun 2002 12:33:52 -0700 (PDT)

On Thu, Jun 20, 2002 at 12:57:01PM -0500, John R. Jackson wrote:
> I don't know if it's just a port scan or if they are probing a potential
> console server security hole.
> Not to start a panic.  Just a head's up in case something bad is floating
> around out there.

figured i'd throw in my 2 cents...

i want to *strongly* suggest that if you have conserver accessible from
*any* non-trusted network (no matter how small that lack of trust is),
that you use tcp wrappers to protect yourself.  yes, via the
conserver.cf file you can list access restrictions and it works just
fine, however, i can't promise that someone would not be able to break
that code or break the code before it and gain access (i really hope
that's not the case, but you have to be cautious).  with tcp wrappers,
there's a much higher level of confidence since that package is the
front-line defense of so many things and it's code is always under

i'm sure there are nasty holes in the code that would allow folks to do
bad things.  where they are, i don't know, but it would be silly of me
to think that they didn't exist.  if anyone gets the urge to check the
code for stuff like this, i'd suggest looking at the access restriction
stuff so that tcp wrappers weren't a requirement, but just a nice
integration into an existing environment.