Re: security on Dial-up Systems
Just a small word about the non-executable stack patch:
A.) It doesn't stop _all_ buffer overflow attacks (though admittedly it
stops the most common ones.)
B.) Some applications depend on an executionable stack (though I've never
encountered one myself, I've heard that trampoline functions in GCC use
the stack executionably (New word! :)).
Regards,
Nir.
As for the original 'poster' - Do what I did for my security, disabled
_all_ the services I didn't need. That includes daytime, chargen, and all
that useless crap. Disabled identd, disabled fingerd, disabled ftpd,
disabled rshd and rlogind, telnetd however, I kept.
The best way to secure a machine is to keep the least 'doors' to it open as
possible. You're on a dialup system? Why would you need sendmail or qmail
then? Wham, one less potential hole. You're on a dialup system? Why in
God's name would you need a POP server/IMAP server? Wham, another hole.
HTH.
On Thu, 31 Jul 1997, Nimrod Zimerman wrote:
> On Wed, 30 Jul 1997 gal@netvision.net.il wrote:
>
> > Do hackers really look for home computers connected with dynamic IP to crack
> > into?
>
> That probably depends on your definition of 'hackers'. It is not uncommon
> to notice somebody has grabbed your dynamic IP (either by blindly trying a
> range, or by other means, such as IRC), and now tries to see if he can
> cause some damage.
> It has happened to me twice (no harm was done, as expected).
> A few days ago somebody suggested that I'd set the CTCP VERSION reply of my
> IRC client to mIRC (or some other Windows client). At first, nothing
> happened, and I got tired and stopped paying attention to tcpdump's log.
> After a few hours, though, I found out that two people tried to crash my
> "Windows" using the OOB bug (port 139). Why? Because.
>
> Give it a try, sometime. Say in #linux or #unix that you offer a 'guest'
> telnet account (with gcc). Count to 20, and you'll have 5 users trying to
> run whatever exploits they've encountered lately. Rather cute, watching
> people in ttysnoop (some of them not being aware I can do that).
>
> A word of advice (correct me if I'm wrong) - get the Linux non-executable
> stack patch. To the extent of my experiments, it has proven to be quite
> effective against buffer-overrun exploits, that compose the majority of
> Linux exploits, as far as I know. 'qmail' is probably another good word of
> advice.
>
> Nimrod
>
>
--
Nir Soffer AKA ScorpioS. scorpios@cs.huji.ac.il
http://www.cs.huji.ac.il/~scorpios/
'It's time to kick ass and chew bubble gum. I'm all out of gum.'
Mail me with the subject 'get pgp key' to get my PGP Public key.
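
The advice above about disabling unneeded services, as an added example that is not part of the original message: a small audit that lists every service still enabled in an inetd.conf-style file and not on an explicit keep-list. It assumes the services are started from inetd (the post does not say how they were disabled); the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: report enabled inetd services that are not on a keep-list.

# Constructed sample in inetd.conf format (not taken from a real host):
# service  socket  proto  wait-flag  user  server  args
sample_inetd_conf() {
cat <<'EOF'
# /etc/inetd.conf (constructed sample)
#daytime stream tcp nowait root internal
chargen  stream tcp nowait root internal
ftp      stream tcp nowait root /usr/sbin/tcpd in.ftpd -l
telnet   stream tcp nowait root /usr/sbin/tcpd in.telnetd
#shell   stream tcp nowait root /usr/sbin/tcpd in.rshd
login    stream tcp nowait root /usr/sbin/tcpd in.rlogind
finger   stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
auth     stream tcp wait   root /usr/sbin/in.identd in.identd

EOF
}

# audit_inetd KEEP...
# Reads inetd.conf text on stdin and prints "service/proto" for every
# enabled (uncommented) entry whose service name is not in KEEP.
audit_inetd() {
    awk -v keep="$*" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { next }   # commented-out or blank line: disabled
        NF < 6 { next }                  # not a complete service entry
        !($1 in ok) { print $1 "/" $3 }  # enabled but not on the keep-list
    '
}

# count_unexpected KEEP...: number of enabled services outside the keep-list.
count_unexpected() { audit_inetd "$@" | wc -l | tr -d ' '; }

# Keep only telnet, as the message describes; everything printed is a
# 'door' that is still open.
sample_inetd_conf | audit_inetd telnet
```

On a real host the input would be the system's own file, for example `audit_inetd telnet < /etc/inetd.conf`, and an empty result means only the kept services are enabled.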