Because of heavy processing requirements, we are currently using some of your unused brain capacity for backup processing. Please ignore any hallucinations, voices or unusual dreams you may experience. Please avoid concentration-intensive tasks until further notice. Thank you.

Re: Alert: Microsoft Security Bulletin (MS99-038) - Source Routing Patch
From: Peter da Silva (peterABBNM.COM)
Date: Sat, 25 Sep 1999 10:14:55 GMT
Subject: Re: Alert: Microsoft Security Bulletin (MS99-038) - Source Routing Patch

    Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
    Next message: Henry J. Escobar: "Re: what if you cannot trust jne"
    Previous message: Kore: "syskey verification of installation" 

In article <646436510D70D3118434009027ACB0FC043951main.aristasoft.com>,
Bill Stout  wrote:
> I notice the dead silence on the list about this, from my perspective this
> is a major issue.

It's a non-issue for most people with competent firewall setups. This is
why you have a screening router in front of the firewall and DMZ, that drops
things like source-routed packets, packets with "inside" source addresses,
and other curious goods. It's more of an issue with ISPs with colo setups
and shell or web servers that allow customers to run arbitrary scripts, and
god help them if they haven't already taken steps to deal with this kind of
exotic traffic.

Much as I enjoy bashing Microsoft, if you're exploitable because of this
hole you're probably exploitable in lots of other ways that are harder to
fix.

--
In hoc signo hack, Peter da Silva 
 `-_-'   Ar rug tú barróg ar do mhactíre inniu?
  'U`    "You are trapped in a maze of screens and ssh sessions all alike."
         "It is dark, and you are likely to log off the wrong account." -- Nep.
 IO
Lynx-enhanced by <peter at taronga.com> (Peter da Silva)