Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) news.com - Ascend Kill Article
On Tue, 17 Mar 1998, Jason Nealis wrote:
>
> This is amazing, Why in the hell would they sit on it. This really
> amazes me, I remember the last time something like this happened, It took
> forever to get a fix. Please explain to me why you would use anything on
> the discard port.
Yes, this is a good point. According to the date that I hear that
Ascend knew about the problem, there would appear to have been time to get
a fix at least in code that was released since that date. The 2.0.0 TNT
code is not very old, and it's got the problem..
> Ya know, Things were just getting stable, but hell, thats out the window
> now. And one more thing, I wouldn't be pissed if 1 time I could learn
> of exploits like this from Ascend, and not the damn users group.
>
I'm not particularly impressed by Ascend's response, both
politically and technically.
Politically, instead of being truthful and promising a quick fix,
they seemed to point the finger back at Secure Networks for letting the
cat out of the bag.
Technically, they should have scrambled to design filters (for all
platforms with detailed instructions for installing them) and we should
have seen software upgrades available by now.
Also, I'm suprised that, what among all the undocumented commands
within the Ascend Max TNT, that there isn't one to turn off admin selected
UDP ports. At this point, I'd like to know what all the other UDP ports
in the thing are for.. There sure are a lot of them.. Use the
(undocumented) 'ipportmap -m' command to see the ports.. Hey, where is
port 9? Now that's interesting.. So there could be MORE? Was Ascend
hiding something here?
Mike Jackson
TSCNet
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups:
References: