Subject: | |
From: | |
Reply To: | |
Date: | Tue, 7 Mar 1995 08:12:06 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
I'm trying to evaluate internet attack risks using VT with a 3k. Assume
that VT sits behind a router that allows access only to the VT port. What I
have so far:
() Does the HP-UX OS come with NS/vt software built in to connect to 3k's?
() My testing indicates that an NS/vt port can be attacked simply with any
Telnet client connecting to the VT port number, tying up sockets and vtservers.
() It follows that any NS/vt port can be attacked easily with a perl script
or simple BSD client that performs connections in a continuous loop, using
up all available sockets on the 3k without actually doing a logon. What is
the VT drop timeout?
() How easy is it to discover the proper protocol response to a NS/vt
connection and get an MPE prompt (roll your own VT client, say with a c or
perl script)?
() If this is done (figure out the proprietary handshake to obtain an MPE
prompt, like NS/open did), my testing shows that NS/vt will allow continuous
trial of passwords (try three passwords-drop; reconnect; try three
more-drop; reconnect, etc.) Is there any way to shutdown such an attack
without turning off NS/VT?
() What kind of TCP/IP level attacks can take place? I heard of things like
packet spoofing, does the 3k need to worry about this?
If anyone has more insights or experiences, please drop me a line. Thanks.
--------------------------------------------------------------------
Eric J. Schubert Administrative Information Services
Senior Data Base Analyst University of Notre Dame, IN USA
|
|
|