Re: Reminder for irix ppl

Mike Neuman (mcn@RIPOSTE.ENGARDE.COM)
Thu, 15 May 1997 10:24:28 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrew Anderson: "Netscape Certificate server"
Previous message: Sergiusz Fonrobert: "Re: cxterm buffer overrun"
Maybe in reply to: Nafees Bin Zafar: "Reminder for irix ppl"

> On a slightly different beat, perhaps SGI will consider changes the
> default settings, in either case I'd be interested in finding out why it
> is the default behavior.

SGI (in IRIX 6.3) has a really nice interface which will allow you to turn
this feature on and off.

Another warning: The "guest" account exists without password on every IRIX
system by default.

One more: Beware the IPForwarding on/off checkbox on IRIX 6.3 (and possibly
others). It doesn't do a thing. A dual-homed SGI O2 running 6.3 clearly said
that IPForwarding was off, and was still forwarding my packets through to the
other side. The sysadmin who was running the machine had to modify a couple
scripts in /etc/init.d to fix the problem. I don't have any further details,
as I was busy breaking into other systems, not paying attention to how it was
fixed. :-) Anyway, if you have a dual-homed SGI, make sure it's not forwarding
by actually testing it rather than believing the GUI.

(And who said penetration testing wasn't a useful security service?) :-)

-Mike
mcn@EnGarde.com
http://www.EnGarde.com/~mcn

Next message: Andrew Anderson: "Netscape Certificate server"
Previous message: Sergiusz Fonrobert: "Re: cxterm buffer overrun"
Maybe in reply to: Nafees Bin Zafar: "Reminder for irix ppl"