-
May 5th, 2003, 02:46 PM
#1
There is no magic pixy dust....
Well I have read a *ton* of threads, mostly started by AO newbies, and all of them seem to have the same general misconception about *nix vulnerabilities. They all seem to think that some mystical powers are used to compromise *nix systems. Seeing that misinformation is one of my biggest peaves, I've decided to clear up the issue regarding the several major ways that *nix systems can be comprimised.
1) Listening Service - If a service isn't listening, you can't exploit it. Be mindful of each and every listening port. Take the time to educate yourself and others who are responsible for the server.
2) Source routing - If you have compiled routing support in your kernel and then wonder how your firewall was cirumvented, start by looking here. All someone has done is source route using your *nix box. I've seen this a bunch of times.
3) User initiated remote exploit - This is the typical trojan horse, virus, malicous web site, etc. This one is my favorite. If you are running a web browser as root and hit a page that has some fine crafted code, guess what will happen to your *nix box? Yep. Blammo. Again, take the time to understand how your browser interacts with the system. This alone will save you a lot of grief and it will help you to quickly indentify future issues. Try your best *not* to run programs as root. This too, will save you a lot of grief.
There are some good books that cover this. I believe that one of the Hacking Exposed books goes over this topic in great detail (version 2 I think?). Anyway, as I said, there is no magic pixy dust. These are the three major ways that *nix systems are exploited. I left out physical access because anyone with a sledge hammer can initiate a DoS attack
--Dismount soap box--
Hope this helps out.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|