Re: Hacking sorted (OLD, Sorry)

From: Treker (treker@positron.net)
Date: 09/02/00


> > Well, you as the network admin should have disabled remote
> > registry, gotten
> > the 128 bit encryption update, installed it, used SYSKEY, and
> then headed
> > over to NTBUGTRAQ.  But that's another story =P  I'm also an
> > network admin,
> > although a young one, but that's the first thing I do on a new NT
> > workstation/server--secure it as best I can.
> >
>
> Exactly what kind of things I was doing.  I took over and wrote up a
> security
> evaluation for the owner then put fixes in place.  But that's another
> topic...
>
> > > Actually, Windows 2000 seems _somewhat_ secure when set up
> properly.  My
> > > solution was to put the MUD on a 192.168. address and have a port
> > > forwarding
> > > firewall that ONLY allows port 4000 to get to that machine.  You
> > > connect to
> > > the firewall on port 4000 and it transparently forwards the
> > connection to
> > > the MUD machine on port 4000.  I use Linux kernel 4.2 with
> IPTables (not
> > > IPChains) to do this and it works beutifully.  I can also set up rules
> > > at the firewall to allow or block based on subnets and many
> > other criteria
> > > to help keep DOS attacks from even reaching the MUD server.
> >
> > Would it not be simpler to disallow connections on all ports through a
> > certain adapter except for port 4000?  Or to do it at the router?
> >
>
> But the firewall's already there... why not make it work for me, eh? LOL
> Besides, you might still fall prey to fragmented packets, etc, if the
> firewall is on the same box as the game.  With this, the firewall has to
> specifically forward the packet.  Besides, I trust no machine running an
> OS from Microsloth.
>

I guess you're right.  Ahh, I remember the days of Windows 95...when OOB was
the script kiddie's favorite tool.  Oh well.  I've been receiving numerous
fragmented packet attacks and DDOS attacks, and teardrop onto my linux
box...no firewall...and no crashes.


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     |  http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html  |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 04/11/01 PDT