[unisog] New DISS Security Model

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Thu Jun 1 19:42:41 GMT 2006


On Thu, 01 Jun 2006 12:58:26 CDT, Chris Green said:
> Ah, yeah that hit our fan a week ago.  AFAICT, the primary purpose of  the
> applications they access is the workstation of the Facility Security Officer
> needs to be able to fill out some paperwork related to DoD-related grants.
> 
> >From the grapevine at other schools, yes changing the PTR to a .com worked.

You mean they don't even bother looking up the target of the PTR, and make
sure it has an A record that points back to the original IP address?

"Out, out, you demons of stupidity!" -- Saint Dogbert

(For bonus points, what are the chances that their nameservers are still
running a BIND 4/8 that's susceptible to cache poisoning, which can be used
to hand it a suitable PTR even if you don't control the zone, as long as you
control *a* zone? ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20060601/16f67b8b/attachment.bin


More information about the unisog mailing list