Linux X Windows flaw lets intruders in


gstudios
March 31st, 2002, 05:03 AM
Perhaps more of the 'experienced' Linux users already know about this, but I figured I'd post it to help those who hadn't disabled it or didn't know about it.

From:
ExtremeTech (http://www.extremetech.com/print_article/0,3428,a=24764,00.asp)

Linux X Windows flaw lets intruders in

Many distributions of Linux (and some other UNIX-like operating system distributions) appear to be misconfigured, by default, to allow root logins from across the network. The flaw, which was fixed by Caldera in its own software in 1999 but was recently discovered to be widespread, is in the configuration of X Windows; it allows anyone to obtain a remote console and mount a password guessing attack.

According to the advisory at the second link below, Mandrake Linux 8.0, SuSE Linux 7.2, and Irix 6.2 are affected. Solaris is partially vulnerable; it allows access but will not allow direct root logins. Red Hat 7.2 and Caldera are not vulnerable. Other UNIX-like operating system distributions may or may not be vulnerable.

Claims that this is a "Back Orifice for UNIX" are overblown, but it's still a good idea to disable remote X Windows logins from across the Internet. (The advisory at the second link below describes how to do this.) Secure Shell (SSH), which provides encryption and better authentication, can still be used if you must run X Windows sessions from afar.

cwk9
March 31st, 2002, 05:08 AM
Thanks for the info, this is news to me.

linuxcomando
April 2nd, 2002, 07:23 PM
That's why you use at least 15 alphanumeric passwd combos ;)
You don't even know how many people's Linux boxes have passwords like friggin redhat or drowssap, and they're in shock when it takes 10 minutes to rip a dictionary password. Passwords should not be your first defense but they are your last defense. USE STRONG PASSWORDS. q0d(#kdLYG&_<>. is a good password, not billybob or bobbilly.
If you use crappy passwords then you're in trouble when it comes to the kind of attack gstudios describes.

Mucolaca
April 2nd, 2002, 07:26 PM
thanks for the info

souleman
April 2nd, 2002, 07:50 PM
Like you said, Caldera fixed the flaw in 99. You will also notice that Irix is in the list of affected systems. Irix (for those who don't know) is SGI's version of Unix. It is, out of the box, one of the most secure versions of Unix available, but it only runs on SGI hardware, so unless you are loaded... Anyway, this has been a common and well-known problem since x-windows began. We used to play with it back in 95 on our school network, just because we could. There isn't much need for a remote x-windows session any more anyway, so I would disable it unless it is absolutely necessary (which isn't very likely).