There is no magic pixy dust....

[thehorse13]

Well I have read a *ton* of threads, mostly started by AO newbies, and all of them seem to have the same general misconception about *nix vulnerabilities. They all seem to think that some mystical powers are used to compromise *nix systems. Seeing that misinformation is one of my biggest peaves, I've decided to clear up the issue regarding the several major ways that *nix systems can be comprimised.

1) Listening Service - If a service isn't listening, you can't exploit it. Be mindful of each and every listening port. Take the time to educate yourself and others who are responsible for the server.

2) Source routing - If you have compiled routing support in your kernel and then wonder how your firewall was cirumvented, start by looking here. All someone has done is source route using your *nix box. I've seen this a bunch of times.

3) User initiated remote exploit - This is the typical trojan horse, virus, malicous web site, etc. This one is my favorite. If you are running a web browser as root and hit a page that has some fine crafted code, guess what will happen to your *nix box? Yep. Blammo. Again, take the time to understand how your browser interacts with the system. This alone will save you a lot of grief and it will help you to quickly indentify future issues. Try your best *not* to run programs as root. This too, will save you a lot of grief.

There are some good books that cover this. I believe that one of the Hacking Exposed books goes over this topic in great detail (version 2 I think?). Anyway, as I said, there is no magic pixy dust. These are the three major ways that *nix systems are exploited. I left out physical access because anyone with a sledge hammer can initiate a DoS attack

--Dismount soap box--

Hope this helps out.

[phishphreek]

Anyway, as I said, there is no magic pixy dust.

Wait a second now!
You mean to tell me that the white "magic dust" that I bought last week downtown off the guy in the alley isn't magic pixie dust after all?
Damn... that stuff was pretty expensive. I wonder if he'll accept a return without a reciept?

Sorry... couldn't resist.

[thehorse13]

Bwahahahahahah!

Well rumor has it that a certain AO member (Tiger Shark) has some *REAL* magic pixy dust for sale. His asking price is $1,000 US dollars. Sounds like a steal to me. I guess I will send him the money instead of Carlton Sheets or Don Lapre....

[padre]

well, pixie dust is blue
white dust is for another type of magic

[sweet_angel]

Originally posted here by phishphreek80


Wait a second now!
You mean to tell me that the white "magic dust" that I bought last week downtown off the guy in the alley isn't magic pixie dust after all?
Damn... that stuff was pretty expensive. I wonder if he'll accept a return without a reciept?

Sorry... couldn't resist.

....hahahahaha...thanks phish..you made me laugh today.....( I have bad day today)

Sorry couldn't resist too...good post BTW thehorse13

[cwk9]

Pixy dust is in short supply since you have to capture a pixy and extract the dust using a centerfuge. Pixy sticks are plentful but their effects on *nix systems is undocumented. http://www.discountcandy.com/prodorder.asp?CatNo=231

[vescovono]

Going back over some books me'ah I also found the subject of ports/services covered quite well in the "Hack Attacks" Series:

For those who don't have these - I and a few others in the pit recommend them:

Hack Attacks Denied. Chirillo. ISBN: 0-471-41625-8.
Hack Attacks Revealed. Chirillo. IBSN: 0-471-41624-X.

Plus they make great pillows.

Now back to my dust. Good stuff except for the tiny Cartmans' that come out of my ears.