[nycbug-talk] [Fwd: Security Threat Watch 028]

Isaac Levy ike
Tue May 11 16:25:03 EDT 2004


Hi All,

This (interesting) thread is moving way faster than me today <g>,

On May 11, 2004, at 11:08 AM, Mikel King wrote:

> Has anyone encountered this MAC bug?
>
> -------- Original Message --------
>
> Security Threat Watch
> 	Number 028
> 	Monday, May 10, 2004
> 	Created for you by Network Computing & Neohapsis
>
> --- Security News ----------------------------------------------
>
> The largest vulnerability this week involves a remote buffer overflow in
> the Apple File Server
[...]
> http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0023.html

Hi all, it seems that Apple released the patch approximately 2 days  
after the vulnerability was announced here, for what that's worth.

For those generally unfamiliar with AFP:
But with that said, I haven't heard any personal reports of the
vulnerability being used to compromise a system or network, mostly
because I'd say I see AFP being used behind NAT.  Most larger
organizations aren't using AFP that I see, (though BOY it would make
some sysadmins' lives easier IMHO )- but it's usually used in
environments which can't afford or make economic sense out of having a
sysadmin or more complex network- (i.e. it's made to work in a
decentralized network, no DNS, and even works with no router between
machines and a stupid old hub).  Its aim is to be simple for users.
More info on AFP from the horse's mouth, for those interested:

http://developer.apple.com/documentation/Networking/Conceptual/AFP/Preface/chapter_1_section_1.html#//apple_ref/doc/uid/TP30000941

Now I'm not saying large orgs explicitly DON'T use AFP, but it's really
designed for a different culture and market, with different
requirements for their practice, coming out of old AppleTalk.

This is just my opinion based on my observations- I build web apps, so  
I'm not in any place to practically compare file sharing protocols- but  
I've lived off and on happily with various network file systems, and  
AFP has always been reliable.

--
For the record, open source implementations of ye' ol AppleTalk from my
bookmarks:

"Netatalk is a freely-available, kernel level implementation of the  
AppleTalk Protocol Suite, originally for BSD-derived systems."
http://netatalk.sourceforge.net/


"The Columbia AppleTalk Package (CAP) implements the AppleTalk protocol
stack on a variety of UNIX machines."
http://www.cs.mu.oz.au/appletalk/cap.html

"AppleTalk Protocols"
http://www.protocols.com/pbook/appletalk.htm
