
[cobalt-users] Fw: Potential DoS ?????? - updated info



One other thing I forgot to mention - the admin server on port 81 - when I
go to access the admin GUI at
http://www.domain-name.com:81/.cobalt/siteManage/www.domain-name.com/index.html

I get the following error:

<-- snip -->
The server encountered an internal error or misconfiguration and was unable
to complete your request.
<-- snip -->

This also makes me think it munged /etc/hosts.deny and /etc/hosts.allow and
potentially its own database?????

anyone want to see if they can replicate this? -- ahh, didn't think so.

oh well,

Daniel


----- Original Message -----
From: Daniel Pumphrey <dpumphre@xxxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Monday, May 01, 2000 12:50 AM
Subject: Potential DoS ??????


> I found something interesting this evening - ok so it's now officially
> morning, but anyway...
>
> I was setting up myself as an admin user on a test cobalt and went back into
> my user settings to add telnet access.  Well I checked the telnet access
> checkbox, but didn't enter a password and hit the submit button. By default
> the GUI does not enter anything into the passwd text boxes of the form.  I
> realized it pretty quickly but then decided that the GUI would just prompt
> me to go back and enter my password, but it didn't.
>
> Then the browser started prompting me for my credentials and would not
> accept them - by then I had a pretty good idea what had probably happened.
> I can no longer access any web (port 80), ftp (port 21), telnet (port 23) to
> the box.  I get connection refused each and every time.  I imagine that the
> GUI munged the /etc/hosts.allow and /etc/hosts.deny files.  I can however
> connect to the box via SMTP (port 25).
>
> So first thing in the morning when I get to the office I will be slapping on
> a serial cable and hoping the serial interface will come up.
>
> I'm sure we can start a huge flame war on whether or not the cobalt GUI
> should default the user's passwd with their current passwd - remember the
> form uses a passwd text field so it would show up as ********, etc.  I think
> that they should at least remove the changing of users' passwds out to a
> separate form.  I can imagine as I go live with this box and I have site
> admins managing their users that someone will want to modify some of the
> settings on that screen, but not know what their user has changed their
> passwd to and thus have to change it to add the setting.  arrrgh - hope that
> makes sense.  If not /dev/null that thought.
>
> Or if the site admin did what I did and did not enter a passwd at all he
> could cause the whole box to stop responding to most requests, thus the
> potential DoS - I'm sure that no site admin would do this on purpose though.
>
> Anyway searched the archives and found some not being able to get the
> console port to work, but others who have - I'll try and find my serial
> cables for my cisco stuff and try those.
>
> Thanks
> Daniel
>