[lug] TSIG overflow

Sean Reifschneider jafo at tummy.com
Wed Feb 28 23:00:34 MST 2001

On Wed, Feb 28, 2001 at 06:19:51PM -0600, charles at lunarmedia.net wrote:
>	i can understand the hesitation and the raised eyebrows concerning
>	the question, but i'm a network/linux admin working for a legit
>	company that needs to prove a point. i appreciate the concern and
>	would probably have the same reaction.

Well, you'd better start digging on the web and IRC then...  Most
places are fairly loath to give out such information, so going
to CERT and the like is just going to tell you that yes, that
version of the software had a known exploit against it.  Finding
an actual working exploit is going to be harder...  I haven't
actually seen the exploit.

If they aren't capable of securing their Linux machine even to the
point of using a respectable password, you'd better start offering
them services to make sure that they *ARE* covered if you don't want
them to leave.  For example, our hosting includes the option of us
doing security upgrades at no cost -- all of our clients have taken
advantage of that.

Are they using telnet to access the machine?  The easiest thing to do
is show them that when they do that, it's fairly trivial to watch the
traffic.  You *ARE* running a switched network to help cut down on
such sniffing as well, aren't you?

 The Law of Software Development and Envelopment at MIT: Every program
 in development at MIT expands until it can read mail.
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python

More information about the LUG mailing list