Petr/Linux,
If you are relying on port 524 to get SAP information for NCPFS over
TCPIP, you may want to track this since it appears Novell will be
patching this port to close a security flaw. I
added the tracking URL so you can review what changes they are
proposing. I think what they
are proposing as an immediate patch may break NCPFS -- you will need to
check.
:-)
Jeff
Novell NetWare discloses system information
Novell's NetWare operating system contains a flaw that allows
system information to be leaked via TCP port 524 in pure IP
configurations. When NetWare is used in a mix Microsoft
environment, the Novell operating system leaks data via Service
Advertising Protocol (SAP). Other third-party applications
compound the problem as well. A hacker can use the data to gain
knowledge on the inner workings of the affected system. It is
recommended that port 524 be blocked to prevent any leaks. For
more information on SAP:
http://support.novell.com/cgi-bin/search/search.pl?database_name=kb&type=HTM
L&docid=%03%21F221133%3a973867389%3a%20%28%2010050864%20%29%20%20%07%01%00&b
yte_count=71624
**********
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Nov 15 2000 - 21:00:26 EST