I'm trying to evaluate internet attack risks using VT with a 3k.  Assume
that VT sits behind a router that allows access only to the VT port.  What I
have so far:
 
()  Does the HP-UX OS come with NS/vt software built in to connect to 3k's?
 
()  My testing indicates that an NS/vt port can be attacked simply with any
Telnet client connecting to the VT port number, tying up sockets and vtservers.
 
()  It follows that any NS/vt port can be attacked easily with a perl script
or simple BSD client that performs connections in a continuous loop, using
up all available sockets on the 3k without actually doing a logon.  What is
the VT drop timeout?
 
()  How easy is it to discover the proper protocol response to a NS/vt
connection and get an MPE prompt (roll your own VT client, say with a c or
perl script)?
 
()  If this is done (figure out the proprietary handshake to obtain an MPE
prompt, like NS/open did), my testing shows that NS/vt will allow continuous
trial of passwords (try three passwords-drop; reconnect; try three
more-drop; reconnect, etc.)  Is there any way to shutdown such an attack
without turning off NS/VT?
 
() What kind of TCP/IP level attacks can take place?  I heard of things like
packet spoofing, does the 3k need to worry about this?
 
 
If anyone has more insights or experiences, please drop me a line.  Thanks.
--------------------------------------------------------------------
Eric J. Schubert                 Administrative Information Services
Senior Data Base Analyst         University of Notre Dame, IN USA