[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Lynx/MSIE denial-of-service

From: Scott McGee (Personal)
Subject: Re: LYNX-DEV Lynx/MSIE denial-of-service
Date: Wed, 12 Mar 1997 13:56:57 -0700

Harald Tveit Alvestrand <address@hidden> writes:

>wrt chargen port and so on:
> lists some of those.

I played with this a bit (actually, with a local copy with the To: address
changed to my machine, plus some other tweeks) and found that lynx doesn't
seem to fall for the mail type traps, failing with a communication protocol
error, but could be vulnerable to modifications of them. I played with 
Netscape too, and found that in addition to the port 19 block for chargen,
it will not allow access to port 25, giving an

Sorry, access to the port number given has been disabled for security reasons.

error message. Perhaps, if Fote agrees, Lynx should dissallow this too.


Scott McGee: Salt Lake Community College Webmaster | When in danger,
___________________________________________________| or in doubt,
Email: address@hidden (Scott McGee)         | run in circles,
Web: | scream and shout.
My opinions do not necessarily reflect those of the College. Trust me!
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]