KS-Soft. Network Management Solutions
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister    ProfileProfile    Log inLog in 

RMA-Win connections

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    KS-Soft Forum Index -> HostMonitor
View previous topic :: View next topic  
Author Message
hmo



Joined: 14 Feb 2003
Posts: 81
Location: Denmark

PostPosted: Fri Jul 25, 2003 1:35 am    Post subject: Reply with quote

Alex!

Within RMA You specify from where connections is allowed - either all or listet IPs. Even though, You can make a active connection to RMA-port... should'nt that be impossible? I mean... if source IP is not allowed to talk to that "deamon" on an given port.. then it should'nt make the connection in the first place! Right?

This might be a small issue, but be aware when useing RMAs through Internet/Firewall's etc. - then the "deamon" should'nt be talking to anyone not specifyed in the rma.ini file.

Cheers,
Hans Mosegaard

Back to top
View user's profile Send private message Send e-mail Visit poster's website
KS-Soft



Joined: 03 Apr 2002
Posts: 12062
Location: USA

PostPosted: Fri Jul 25, 2003 12:45 pm    Post subject: Reply with quote

>if source IP is not allowed to talk to that "deamon" on an given port.. then it should'nt make the connection in the first place! Right?

RMA accepts TCP connection from anywhere. But first action it takes is checking incoming IP address. If address is not in the list, RMA drops connections.

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
hmo



Joined: 14 Feb 2003
Posts: 81
Location: Denmark

PostPosted: Sat Jul 26, 2003 10:18 am    Post subject: Reply with quote

It's imho not safe enough! Try to do a telnet onto RMA port... even though source IP is not granted, it will stay "connected" as long as you dont do anything! (untill defined timeout value). If you plan to use RMAs through internet/firewall's, then RMA should (read: it *must*) drop connection QUICK when it sees incoming IP address is'nt allowed! Why make RMAs attractive to scans or potiential "closer look" for a hacker?

Cheers,
Hans Mosegaard
Back to top
View user's profile Send private message Send e-mail Visit poster's website
KS-Soft



Joined: 03 Apr 2002
Posts: 12062
Location: USA

PostPosted: Sun Jul 27, 2003 10:25 pm    Post subject: Reply with quote

>Try to do a telnet onto RMA port... even though source IP is not granted, it will stay "connected" as long as you dont do anything! (untill defined timeout value).

H'm, what Windows and telnet do you use? On our systems RMA drops connections from unauthorized addresses right away. It waits for data only from IP addresses that are in the list (if you use Accept connections from following addresses). Just checked..

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    KS-Soft Forum Index -> HostMonitor All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

KS-Soft Forum Index