Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco says attacks are due to operational practices

  • From: Adam McKenna
  • Date: Fri Feb 11 15:02:42 2000

Also, I believe ssh won't do this if you remove the suid bit (which is 
probably a good idea anyway).

--Adam

On Sat, Feb 12, 2000 at 03:07:25AM +0800, adrian@creative.net.au wrote:
> Its not a bug, its a leftover from rsh days - if the connection originates
> from a port below 1024, you could assume *cough* that the credentials the
> connection supplies are authentic, since the process needs to be root to
> bind to ports < 1024.
> 
> This isn't a "but thats flawed!" discussion seed, take that to bugtraq.
> 
> There's a flag to ssh somewhere to stop it doing that. Yup, -P .
> 
> Adrian





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.