Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (ASCEND) Ascend Kill II - perl version



On Tue, Mar 17, 1998 at 01:27:39PM -0500, Phillip Vandry wrote:
> > This is for everyone who had problems with the Linux only version in C.
> > This should be pretty cross platform.  (Requires perl 5.x)
> 
> Thanks - this one still isn't portable because you defined a constant:
> 
> > sub SOCK_DGRAM {2;}
> 
> ...which was not true on my system, but now I do at least have a killer
> that works :-(

Thanks for the tip to a perl illiterate. I just commented out these
two lines and now I have the license to kill from my Solaris box ;->

> Now as for the fix (http://www.ascend.com/2694.html), I began by
> configuring this filter on the Ethernet interface, and the Ethernet
> stopped working at all a few minutes later!

This fix is rather stupid. It defines a blocker for UDP 9 (Ok so far)
but as a passer for everything else it uses an IP filter. This of course
leads to ARP beeing blocked when the filter is applied to the Ethernet
interface. Sounds like a M$ "Hotfix" :-/

The solution is clearly to use a GENERIC entry for the pass-all.

I've started filtering UDP 9 on my uplink Cisco with logging (and tested
it using nc -u) but no hits so far - if some bonehead out there tries
this with a non-faked source IP - gotcha.

-- 

Kanther-Line: PGP SSH IDEA MD5 GOST RIPE-MD160 3DES RSA FEAL32 RC4

+-o-+--------------------------------------------------------+-o-+
| o |               \\\- Brain Inside -///                   | o |
| o |                   ^^^^^^^^^^^^^^                       | o |
| o | Andre' Beck (ABPSoft) beck@ibh-dd.de XLink PoP Dresden | o |
+-o-+--------------------------------------------------------+-o-+
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>


References: