-
June 3rd, 2002, 05:09 PM
#1
Cygwin
I just downloaded Cygwin the windows based *nix emulator/shell and i know that it's just another shell but what i dont know is it vulnerable in anyway? Cause i know in *nix systems you can just telnet into the ip adress and get a login screen, but you cant do that in windows you just get a banner. So I guess what im asking is, is cygwin a big hole in my system?
-
June 3rd, 2002, 05:28 PM
#2
I also have Cygwin and Vsh on one of my win98 systems I tried to telnet into it but i was unsucessful i just got the http bad request and a system banner (timestamp, operateing system, default browser etc...) so no i dont think it is leaving your system vulnerable it's just a nother convient shell to have.
-
June 3rd, 2002, 06:03 PM
#3
NO I TAKE IT BACK I TELNETED INTO PORT 23 AND I GOT THE CYGWIN LOGIN PROMPT BUT BECAUSE CYGWIN WHEN INSTALLED DOESNT REQUIRE YOU TO ENTER A ROOT PASSWORD YOU CAN JUST CRL+C AND GET THE COMMAND PROMPT I SUGGEST YOU GET BLACKICE OR DOWNLOAD A *NIX FIREWALL.
-
June 6th, 2002, 03:57 AM
#4
Junior Member
cygwin security
I'm no expert on this (I only use windows occasionally), but cygwin can only be vulnerable if you install some kind of server software (telnetd, sshd, ftpd, etc.). If you want to be able to access your machine remotely I would suggest scrapping telnet and trying ssh.
If your not sure about what services are running on your maching try nmap (I think this is available through cygwin) or superscan (for windows), and scan 'localhost' -- this should reveal any open ports.
-
June 6th, 2002, 04:14 AM
#5
under cygwin you can also run DOS commands
netstat -a
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
June 6th, 2002, 04:48 AM
#6
Senior Member
Originally posted here by Tedob1
under cygwin you can also run DOS commands
netstat -a
hi
netstat is ALSO a unix/linux command.
just don't ask me which came first.
regards,
mark.
\'hi, welcome to *****. if you would like to speak to an operator, please hang up now.\'
* click *
-
June 6th, 2002, 06:33 AM
#7
Isn't cygwin like just a set of modified libs that interface between the OS and apps?
Ammo
Credit travels up, blame travels down -- The Boss
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|