1 |
On Mon, 2002-05-27 at 20:00, Allix Primus wrote: |
2 |
> |
3 |
> While reading through page 17 of the 28 page Gentoo Linux Security Guide, I |
4 |
> noticed a lot of information pertaining to patching numerous holes in the |
5 |
> operating system through /proc. These vulnerabilities range from source |
6 |
> routed packets, to ICP redirect acceptance. After searching through quite a |
7 |
> few google pages, I didn't find any Windows specific content on these |
8 |
> topics. |
9 |
|
10 |
Windows has some of the same problems. Only windows does not support |
11 |
features like acting as a router per default. |
12 |
|
13 |
ICMP packets are dangerous no matter what OS you are using. The process |
14 |
of altering values in /proc is to harden the system and avoid DoS |
15 |
attacks or even helping others to make a DoS attack. |
16 |
|
17 |
The trick of altering a route is also know for windows machines and can |
18 |
probably be disabled. But per default any M$ machine will respond to a |
19 |
broadcast. And a windows machine will not per default drop strange hand |
20 |
crafted packets. |
21 |
|
22 |
> Are these security vulnerabilities only restricted to linux or can these be |
23 |
> changed on Windows systems as well? |
24 |
No .. the problem still exists .. but most people don't use windows as a |
25 |
router, they use a real router. But Linux can act as a router or a |
26 |
bridge and that is why you need some extra features turned off if you do |
27 |
not use them. |
28 |
|
29 |
Windows users normally rely on a personal firewall or a router in front |
30 |
of the server for filtering the right packets. But a router does not |
31 |
filter all ICMP packet correct or cannot filter then because some |
32 |
cracker tools use ICMP as a tunnel for other traffic. This tunnel can be |
33 |
used to send normal IP traffic without a firewall seeing it. |
34 |
|
35 |
> Any help or links would be greatly appreciated. |
36 |
> |
37 |
I hope this helped you and I'm sorry that I was not able to give you any |
38 |
links for windows but I haven't used a windows machine for any security |
39 |
project in a lot of years. |
40 |
|
41 |
Best regards |
42 |
Kim |
43 |
-- |
44 |
I'm the face that stares at you from the shadows. |
45 |
http://www.insecurity.dk |