[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Lynx/MSIE denial-of-service
|
From: |
Scott McGee (Personal) |
|
Subject: |
Re: LYNX-DEV Lynx/MSIE denial-of-service |
|
Date: |
Wed, 12 Mar 1997 13:56:57 -0700 |
Harald Tveit Alvestrand <address@hidden> writes:
>wrt chargen port and so on:
>http://domen.uninett.no/%7ehta/ietf/http-traps.html lists some of those.
I played with this a bit (actually, with a local copy with the To: address
changed to my machine, plus some other tweeks) and found that lynx doesn't
seem to fall for the mail type traps, failing with a communication protocol
error, but could be vulnerable to modifications of them. I played with
Netscape too, and found that in addition to the port 19 block for chargen,
it will not allow access to port 25, giving an
Sorry, access to the port number given has been disabled for security reasons.
error message. Perhaps, if Fote agrees, Lynx should dissallow this too.
Scott
Scott McGee: Salt Lake Community College Webmaster | When in danger,
___________________________________________________| or in doubt,
Email: address@hidden (Scott McGee) | run in circles,
Web: http://www.slcc.edu/infotech/webmaster.html | scream and shout.
----------------------------------------------------------------------
My opinions do not necessarily reflect those of the College. Trust me!
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
Re: LYNX-DEV Lynx/MSIE denial-of-service, Klaus Weide, 1997/03/11
Re: LYNX-DEV Lynx/MSIE denial-of-service, Harald Tveit Alvestrand, 1997/03/12
Re: LYNX-DEV Lynx/MSIE denial-of-service,
Scott McGee (Personal) <=