Hello,

Does anyone have more information on this exploit, or know if SuSE is an affected platform??

http://linux.oreillynet.com/pub/a/linux/2001/08/06/insecurities.html#lin

--snip--
Linux IP masquerading

Under some circumstances, a vulnerability in Linux IP masquerading can be used by an attacker to bypass a Linux-based firewall and gain access to a protected network. This new vulnerability is similar to an attack reported earlier this year that used FTP protocol to open a hole through the firewall, but instead uses a flaw in the IRC DCC helper (ip_masq_irc module).

Users of Linux IP masquerading should evaluate their security needs and consider options to increase the security of their firewall, such as configuring the NAT server to only allow a range of ports in connection requests (such as only ports above 1024) or not installing helper modules (such as ip_masq_irc) on their server.
--snip--

Thanks
Gabriel

> Hello,
> Does anyone have more information on this exploit, or know if SuSE is an affected platform??
> http://linux.oreillynet.com/pub/a/linux/2001/08/06/insecurities.html#lin

Yes, our kernels are affected, too.
The flaw described is nothing new, not only that a similar problem was
found in the ftp helper module, but also because the design of such a
module can't be secure.
Consider the masquerading helper modules something that makes things work,
not something that makes things safer.
Roman.
--
Roman Drahtmüller

On Friday 10 August 2001 10:24, Roman Drahtmueller wrote:
> Consider the masquerading helper modules something that makes things work, not something that makes things safer.

Is that an issue on out of the box 7.2 personal firewall with masquerading? I don't know what helper modules are...

thanks
jdd
--
http://www.dodin.net mailto:jdanield@dodin.net
WHO'S THAT GUY ? Help me find it
Russia & South America help needed
http://www.dodin.net/serge/index.html

> > Consider the masquerading helper modules something that makes things work, not something that makes things safer.
>
> Is that an issue on out of the box 7.2 personal firewall with masquerading? I don't know what helper modules are...

Use the "lsmod" command to see the modules that are currently loaded in your kernel. The configuration possibilities of the personal-firewall allow an easy setup of masquerading connections (basically, I could not find anything easier). However, it does not insert kernel modules that can open ports from the outside to the inside for protocols that need this (IRC, FTP, ...).

> thanks
> jdd

Regards,
Roman.
--
Roman Drahtmüller
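
The `lsmod` check suggested in the reply above, as an added example that is not part of the original thread: a shell function that reads `lsmod` output and reports any masquerading helper modules that are loaded. The sample module list is constructed, and the 2.4-style names (`ip_conntrack_*`, `ip_nat_*`) are an assumption beyond the `ip_masq_irc` module named in the advisory.

```shell
#!/bin/sh
# Added example: audit lsmod output for masquerading helper modules.
# Matches every ip_masq_* add-on module (2.2 kernels; ip_masq_irc is the
# one named in the advisory) and, as an assumption beyond the page, the
# 2.4 netfilter IRC/FTP helpers ip_conntrack_* and ip_nat_*.

# find_helpers: read lsmod-format text on stdin, print one match per line.
find_helpers() {
    awk '$1 ~ /^ip_masq_/ || $1 ~ /^ip_(conntrack|nat)_(irc|ftp)$/ { print $1 }'
}

# audit_helpers: read lsmod-format text on stdin.
# Returns 0 if no helper module is loaded, 1 if at least one is.
audit_helpers() {
    found=$(find_helpers)
    if [ -z "$found" ]; then
        echo "no masquerading helper modules loaded"
        return 0
    fi
    echo "masquerading helper modules loaded:"
    echo "$found" | sed 's/^/  /'
    return 1
}

# Constructed sample of lsmod output, used so the example runs offline.
sample_lsmod() {
cat <<'EOF'
Module                  Size  Used by
ip_masq_irc             1924   0 (unused)
ip_masq_ftp             3576   0 (unused)
ipchains               31180   0 (unused)
8139too                16480   1 (autoclean)
EOF
}

# On the firewall itself, audit the live module list with:
#   lsmod | audit_helpers
sample_lsmod | audit_helpers || echo "(constructed sample contains helpers)"
```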