Network security on AmigaOS with MiamiDx or any other stack

[KennyR]

- Which firewall solutions exist on AmigaOS?

(Edit: pasted wrong question, D'oh!)

There are none that I know of, apart from MiamiDX's. If you want a secure Amiga, use a linux, BSD or hardware router (not Windows - ICS is incredibly unsafe).

- Is AmiTCP (the version geekgadgets distributes) still updated and fixed?

AmiTCP v5 will be available eventually, but only for MorphOS.

[KennyR]

If it helps, here are my recommendations on getting the most secure Amiga system. You'll probably know them, though.

· Don't put your Amiga on a direct connection to the net if possible. Their TCP/IP stacks are just too old and not updated.

· If you use AmIRC, never accept CTCP requests from users you don't know. AmIRC can be pushed over by flooding by CTCP.

· Use the most up to date MUI applications. Older internet MUI apps had a control string exploit which could be used to execute AmigaDOS commands.

· Try not to use FTP or telnet. An open port is an easy target for a nuke.

· Set your firewall not to reply to ICMP pings. Nobody is immune to DoS attacks, but at least this way it'll take powerful attack to saturate your whole bandwidth.

· Scan outgoing ports on a regular basis for trojan activity. Make sure there are no suspicious processes.

[KennyR]

ping -l (from unix system) 100000 |amiga ip|.

ping -l 10000 |amiga ip| sends 100000 echo request packets without waiting for echo replys. It doesn't have to be 100000, but it should do.This surpasses the Flood-protection in MiamiDx, and MiamiDx crashes because of some buffer overrun. MiamiPFW is by the way helpless when this occurs.

I did actually try this on someone, with their permission. MiamiDX's flood protection kicked in after the first packet and they did not crash. The only difference is I pinged from MOS and not from UNIX.

Do you know how can I test if a MUI app is vulnerable?

I'm sorry, I don't know. It was something to do with sending control characters via internet. YAM, Voyager, SimpleMail, FreeCiv, IBrowse and AmIRC at least were made immune to this exploit.

Oh, and one more thing - never accept amigaguide files from users you don't know. It's extremely easy to imbed commands inside it and quick format your hard drive the moment you open it or click on a link.