Security Incidents mailing list archives
Protect rpc.statd by tcp wrapper? (was Re: /tmp/bob on compromised system
From: "Ralf G. R. Bergs" <rabe () RWTH-Aachen DE>
Date: Wed, 26 Jul 2000 21:22:56 +0200
On Mon, 24 Jul 2000 21:25:14 -0700, Jeffrey F. Lawhorn wrote:
/tmp/bob is a finger print from a rpc.statd exploit.
Is it possible to protect the rpc.statd by using the tcp wrapper? I currently have the following in my inetd.conf file on my Solaris 2.5.1...2.7 machines: rstatd/2-4 tli rpc/datagram_v wait root \ /usr/lib/netsvc/rstat/rpc.rstatd rpc.rstatd Is it ok to use tcpd like this: rstatd/2-4 tli rpc/datagram_v wait root \ /usr/sbin/tcpd /usr/lib/netsvc/rstat/rpc.rstatd I'm not sure whether TLI and rpc/datagram_v works with tcpd. Thanks, Ralf -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/ The Choice /V\ of a GNU /( )\ Generation ^^-^^
Current thread:
- /tmp/bob on compromised system Russell Fulton (Jul 24)
- Re: /tmp/bob on compromised system Jeffrey F. Lawhorn (Jul 25)
- Protect rpc.statd by tcp wrapper? (was Re: /tmp/bob on compromised system Ralf G. R. Bergs (Jul 27)
- Re: /tmp/bob on compromised system Joseph Pingenot (Jul 25)
- Re: /tmp/bob on compromised system Fredrik Ostergren (Jul 26)
- Re: /tmp/bob on compromised system Jeffrey F. Lawhorn (Jul 27)
- <Possible follow-ups>
- Re: /tmp/bob on compromised system Matt Merhar (Jul 25)
- Re: /tmp/bob on compromised system Security (Jul 26)
- Re: /tmp/bob on compromised system Adam Pendleton (Jul 25)
- Re: /tmp/bob on compromised system Rob McCauley (Jul 26)
- Re: /tmp/bob on compromised system Granquist, Lamont (Jul 27)
- Re: /tmp/bob on compromised system Russell Fulton (Jul 28)
- Re: /tmp/bob on compromised system Rob McCauley (Jul 26)
- Re: /tmp/bob on compromised system Jeffrey F. Lawhorn (Jul 25)
- Re: /tmp/bob on compromised system Jens Oeser (Jul 25)