[nycbug-talk] [Fwd: Security Threat Watch 028]
ike at lesmuug.org
Tue May 11 16:25:03 EDT 2004
This (interesting) thread is moving way faster than me today <g>,
On May 11, 2004, at 11:08 AM, Mikel King wrote:
> Has anyone encountered this MAC bug?
> -------- Original Message --------
> Security Threat Watch
> Number 028
> Monday, May 10, 2004
> Created for you by Network Computing & Neohapsis
> --- Security News ----------------------------------------------
> The largest vulnerability this week involves a remote buffer overflow
> the Apple File Server
Hi all, it seems that Apple released the patch approximately 2 days
after the vulnerability was announced here, for what that's worth.
For those generally unfamiliar with AFP:
But with that said, I haven't heard any personal reports of the
vulnerability being used to compromise a system or network, mostly
because I'd say I see AFP being used behind NAT. Most larger
organizations aren't using AFP that I see, (though BOY it would make
some sysadmins' lives easier IMHO) - but it's usually used in
environments which can't afford or make economic sense out of having a
sysadmin or more complex network - (i.e. it's made to work in a
decentralized network, no dns, and even works with no router between
machines and a stupid old hub). Its aim is to be simple for users.
More info on AFP from the horse's mouth, for those interested:
Now I'm not saying Large orgs explicitly DON'T use AFP, but it's really
designed for a different culture and market, with different
requirements for their practice, coming out of old AppleTalk.
This is just my opinion based on my observations- I build web apps, so
I'm not in any place to practically compare file sharing protocols- but
I've lived off and on happily with various network file systems, and
AFP has always been reliable.
For The Record, Open Source implementations of ye' ol AppleTalk from my
"Netatalk is a freely-available, kernel level implementation of the
AppleTalk Protocol Suite, originally for BSD-derived systems."
"The Columbia AppleTalk Package (CAP) implements the AppleTalk protocol
stack on a variety of UNIX machines."
"Apple Talk Protocols"