Article delegate-en <_A3551@delegate-en.ML_>
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[delegate-en/3551]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Antwort: Re: [DeleGate-En:3556] Antwort: Re: [DeleGate-En:3553] delegate security flaw [Virus checked]
18 Oct 2006 13:02:39 GMT p3igqbdyi.ml@ml.delegate.org


Hi , 

but in fact it is !. can i provide you with some logs to investigate this, 
or you can setup a simple scenario on your own an
see it actually happen . no offense, but for the time beeing i have to 
switch to stunnel until this is fixed !

greetz martin papadopoulos



feedback@delegate.org (Yutaka Sato) 
18.10.2006 14:46
Bitte antworten an
feedback@delegate.org


An
feedback@delegate.org
Kopie
p3igqbdyi.ml@ml.delegate.org, feedback@delegate.org
Thema
Re: [DeleGate-En:3556] Antwort: Re: [DeleGate-En:3553] delegate security 
flaw [Virus checked]






Hi,

In message 
<_A3549@delegate-en.ML_> 
on 10/18/06(21:25:24)
you p3igqbdyi.ml@ml.delegate.org wrote:
 |even with stls this is not the case ! the permission is denied after an 
 |initial relay has been made to an arbitrary server.
 |therefore the delegate master process still is vulnerable to ddos ! :-(

If SSL is failed with STLS=fcl, MASTER DeleGate (with SERVER=delegate)
cannot know any of client's request including the desitination server,
so it cannot connect to anywhere. I think so.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V