Security Hole?


Subject: Security Hole?
From: Bryn Hughes (bhughes@vcc.bc.ca)
Date: Thu Oct 05 2000 - 12:39:28 EDT


I think I may have inadvertently discovered a security hole in netatalk:

Here's what I did:

I had set up my original server with a static IP and netatalk... later I set up a second server with the original IP address of the first server. The first server was moved to a different subnet and had its AppleTalk share renamed but it did NOT get its host name and IP address info changed. Since it was on a different subnet, it had no IP functionality, right? HOWEVER when trying to connect to this server via netatalk, the connection was actually being made to the new server since the old server was giving out that IP information. It seems that it wouldn't be all that difficult to 'spoof' a Mac into thinking it's connecting to one server when it's actually connecting to another one! Granted in the login box the CORRECT server name is displayed, but for 'average joe user' this isn't much of a hint. Basically it looks to me like someone with a server running netatalk could plug into my LAN, blow away my TCP/IP (excessive address conflicts or the like) and then grab user IDs and passwords when users tried to connect to what appears in the Chooser as their regular server.

----------------------------------------------
Bryn Hughes
Macintosh Technical Support
ICS
Vancouver Community College

ph: (604) 443.8702
fax: (604) 443.8353
email: bhughes@vcc.bc.ca
----------------------------------------------



This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:32:20 EST