Re: security on Dial-up Systems
.
.
most lines deleted.
.
.
>
> If you value your machine, several security-minded decisions are
> certainly in place, like keeping up with the latest versions of stuff
> (as I didn't). However, someone just trying to telnet in is not really a
> cause for alarm. If you have good passwords.
Unless you allow public FTPs in, and have a writable directory such as
incoming. If you do, LD_LIBRARY_PATH/LD_PRELOAD attacks are possible
via telnetd without knowing any passwords.
However, Linux has firewalling capabilities. Just block access from
unknown IPs to any server running on your machine.
(Wrappers might not be enough, since you also run servers such as
nfsd/mountd/sendmail which are known to have buffer overflows.)
Btw, it happened to me twice on #linux (irc.funet.fi). Two people tried
to hack into my home machine. However, my FW just "let them in" to an old
386 I have at home, and kept them busy for a while, thinking they have
root but on a very weird machine. (One with a strange shell, and that
doesn't let root do certain things, while getting his commands stuck on
some NFS retries. I took this one from "Firewalls and Internet
Security" by AT&T, a great book btw.)
One of them had to reinstall his Linux later (those who understand will understand).
The other one was running NT (!) so an OOB packet to his 139 kicked him
easily. ;)
>
> Have fun,
>
> --
>
> Gilad Ben-Yossef <pbril@ix.netcom.com>
> Gtek Technologies / PBR
>