Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 05 Dec 2000 09:08:59 -0700
From:      Wes Peters <wes@softweyr.com>
To:        John Howie <JHowie@msn.com>
Cc:        "David G. Andersen" <dga@pobox.com>, freebsd-security@FreeBSD.ORG
Subject:   Re: Fw:      NAPTHA Advisory Updated - BindView RAZOR
Message-ID:  <3A2D131B.2548F379@softweyr.com>
References:  <200012050043.RAA27046@faith.cs.utah.edu> <011701c05e5a$bcfb3060$fd01a8c0@pacbell.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

John Howie wrote:
> 
> David Andersen wrote:
> 
> > This isn't a FreeBSD failure per se, but a resource control
> > failure.  Whether you want to point a finger at FreeBSD, ssh, or the
> > operator of the box is entirely up to you. :-)
> >
> 
> I'm afraid I disagree - this is not purely a daemon problem. I wonder if you
> had time to read the whole advisory for the FreeBSD information near the end
> of the report (I've included it below).

I'm sure he, just as I, read it and found it to report only daemon attacks:

> > > >       FreeBSD - FreeBSD 4.0-REL
> > > >
> > > >       In testing FreeBSD, a few specific
> > > >       daemons/ports were targeted. For some, the
> > > >       stability of the system as a whole can be
> > > >       affected. The daemons targeted in this
> > > >       testing are not necessarily at fault for
> > > >       the problems encountered.
> > > >
> > > >       SSH:
> > > >
> > > >       NFS:
> > > >
> > > >       BIND:
> > > >
> > > >       Note: These services/ports can be
> > > >       similarly affected on other Linux and UNIX
> > > >       variants.
> 
> If a daemon becomes unusable because it is subject to attack then that is,
> while not ideal, at least tolerable. When the whole system becomes unusable
> that points to problems in the kernel.

They don't substantiate their vague claim of "the stability of the system 
as a whole can be affected."  All of the specific instances they do list 
ARE daemon attacks.  

On the other hand, if they are attacking NFS, I can certainly see that
making the system somewhat unstable, but it is better in 4.2.  As David
pointed out, NFS is usually NOT exposed outside your firewall.  You do
have a firewall, don't you?  ;^)

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A2D131B.2548F379>