Bugtraq mailing list archives
Follow-Up: Security Problems with Linux 2.2.x IP Masquerading
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Tue, 28 Mar 2000 12:07:49 -0600
Following the "NetBIOS Info" thread on Incidents mailing list at SF, Robert Graham <bugtraq () NETWORKICE COM> mentioned a utility he wrote to automatically respond to netbios port 137 name probes with a netbios name lookup back to the originating host. He mentioned that it seems to cut right through state-based firewalls and NAT systems because the response probe looks like a response to the outgoing probe. Assuming that a host on an inside network is sending out these netbios name queries (1), an attacker could exploit the linux 2.2.x vulnerability and be able to query the netbios names of internal machines. -HD 1: http://www.robertgraham.com/pubs/firewall-seen.html#netbios
Current thread:
- Re: Esafe Protect Gateway (CVP) does not scan virus under some alonr () EALADDIN COM (Mar 23)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Hugo.van.der.Kooij () CAIW NL (Mar 23)
- <Possible follow-ups>
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Smith, Eric V. (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Alon Rotem (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Alon Rotem (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Hugo.van.der.Kooij () CAIW NL (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Eric Chien (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Jason Brvenik (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Lea, Michael (Mar 24)
- Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 27)
- Follow-Up: Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 28)
- privacy problems with HTTP cache-control Martin Pool (Mar 28)
- Objectserver vulnerability Howard M. Kash III (Mar 29)
- Citrix ICA Basic Encryption Dug Song (Mar 29)
- Re: Citrix ICA Basic Encryption Weld Pond (Mar 28)
- Re: Citrix ICA Basic Encryption Chris Knight (Mar 29)
- Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 27)
- Re: Security Problems with Linux 2.2.x IP Masquerading Olaf Kirch (Mar 30)
- Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability Ussr Labs (Mar 30)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Ian Turner (Mar 27)