Remembering how numerous were the vulnerabilities of early windoze TCP/IP stack realisation I’m a bit frightened to expose my QNX v4.25G + TCP/IP v5.0 box to Internet.
As an admin, I’m fully aware of not running any unneeded services. The software that I intend to use (SSH2) is considered to be safe.
I’d like to know if there are any weaknesses of or exploits against the TCP/IP v5.0.
Any buffer overflows in the Tcpip (or Socklet in TCP/IP v4.25D) itself?
Does it handle attacks like heavily fragmented packets with wrong offsets (a.k.a. “teardrop”)?
Will it survive the forged packets with any weird sourceIP:port-destIP:port combinations (i.e. sourceIP == destIP)?
A lot of badware exists…
I plan to use the hardware firewall between the box and Internet to do the basic filtering.
Please share your experience of using both TCP/IP v5.0 and TCP/IP v4.25D in the “real life” conditions.
> Remembering how numerous were the vulnerabilities of early windoze TCP/IP
> stack realisation I’m a bit frightened to expose my QNX v4.25G + TCP/IP
> v5.0 box to Internet.
> As an admin, I’m fully aware of not running any unneeded services. The
> software that I intend to use (SSH2) is considered to be safe.
> I’d like to know if there are any weaknesses of or exploits against the
> TCP/IP v5.0
The QNX stack is based on the NetBSD stack I believe.
> Any buffer overflows in the Tcpip (or Socklet in TCP/IP v4.25D) itself?
> Does it handle attacks like heavily fragmented packets with wrong offsets
> (a.k.a. “teardrop”)?
> Will it survive the forged packets with any weird
> sourceIP:port-destIP:port combinations (i.e. sourceIP == destIP)?
> A lot of badware exists…
> I plan to use the hardware firewall between the box and Internet to do the
> basic filtering.
> Please share your experience of using both TCP/IP v5.0 and TCP/IP v4.25D in
> the “real life” conditions.
QNX products don’t usually go through a very complete and exhaustive security
analysis.
>> I’d like to know if there are any weaknesses of or exploits against the
>> TCP/IP v5.0
> The QNX stack is based on the NetBSD stack I believe.
Well, it depends on what patch level the *BSD v4.4 stack was at when the port was done.
>> Please share your experience of using both TCP/IP v5.0 and TCP/IP v4.25D in
>> the “real life” conditions.
> QNX products don’t usually go through a very complete and exhaustive security
> analysis.
Sad to hear.
If you have a hardware firewall and are only exposing your SSH port then
what you’d be interested in are the vulnerabilities of the OpenSSH
implementation you’re using.
Buffer overruns etc - those are OS specific I would think and so I’m not
sure how someone would exploit those on QNX. I haven’t seen any QNX root
kits.
But SSH is a common thing and there have been issues.
On Mon, 18 Oct 2004 17:44:20 -0400, Nick C. <qnx@qrts.com> wrote:
> If you have a hardware firewall and are only exposing your SSH port then what you’d be interested in are the vulnerabilities of the OpenSSH implementation you’re using.
The server is not OpenSSH’s but SSH.com’s v3.2.9.1 - hope there are no buffer overruns in it.
At least, I’ve seen lots of snprintf(), snscanf() and friends there…
> …I haven’t seen any QNX root kits
It will suffice if script kiddies are able to abuse me with SIGSEGVing the socket manager or otherwise DoSing the box.
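The two malformed-packet cases raised in the first post (fragments with wrong offsets, and source address equal to destination) are the kind of thing a perimeter filter can reject before they reach the stack. The sketch below is an added example, not code from this thread or from QNX: `parse_ipv4`, `FragmentFilter` and `make_pkt` are hypothetical names, the sample packets are constructed, and dropping every overlapping fragment is an assumed strict policy.

```python
import struct
from ipaddress import IPv4Address

def parse_ipv4(pkt):
    """Pull out the IPv4 header fields the checks below need."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, flags_frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or not ihl <= total_len <= len(pkt):
        raise ValueError("inconsistent length fields")
    return {"key": (pkt[12:16], pkt[16:20], pkt[9], ident),
            "land": pkt[12:16] == pkt[16:20],
            "mf": bool(flags_frag & 0x2000),        # More Fragments flag
            "off": (flags_frag & 0x1FFF) * 8,       # offset is in 8-byte units
            "len": total_len - ihl}                 # payload bytes carried

class FragmentFilter:
    """Per-datagram record of byte ranges seen; strict policy, no state expiry."""
    def __init__(self):
        self.seen = {}   # (src, dst, proto, id) -> [(start, end), ...]

    def check(self, pkt):
        try:
            h = parse_ipv4(pkt)
        except ValueError as exc:
            return f"drop: {exc}"
        if h["land"]:
            return "drop: source equals destination"
        start, end = h["off"], h["off"] + h["len"]
        if start == 0 and not h["mf"]:
            return "pass"                            # not a fragment
        if h["mf"] and h["len"] % 8:
            return "drop: non-final fragment not a multiple of 8 bytes"
        if end > 65535 - 20:
            return "drop: reassembled datagram would exceed 65535 bytes"
        ranges = self.seen.setdefault(h["key"], [])
        if any(start < e and s < end for s, e in ranges):
            return "drop: overlapping fragment"      # also drops exact duplicates
        ranges.append((start, end))
        return "pass"

def make_pkt(src, dst, ident=1, off=0, mf=False, payload=b""):
    """Constructed sample packet for the demo (UDP protocol number, checksum zero)."""
    ff = (0x2000 if mf else 0) | (off // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, ff, 64, 17,
                       0, IPv4Address(src).packed, IPv4Address(dst).packed) + payload
```

A real filter would also expire the per-datagram state after a reassembly timeout; that is left out here to keep the checks themselves visible.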