Security Abt Guest Account On Rh 7.3
Results 1 to 5 of 5

Thread: Security Abt Guest Account On Rh 7.3

  1. #1
    Junior Member
    Join Date
    May 2002
    Posts
    17

    Security Abt Guest Account On Rh 7.3

    Hello guys,
    I have a Rh 7.3 server running in my lab with guest account enable which is very important for my work can u guys tell me how can someone break into my rh 7.3 box using a gust account only so that i can prevent the attack
    waiting

  2. #2
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    Well I take it the guest account probably has basic access to things like compilers and such. That being said, there are lots of exploits that can escalate the users privileges beyond guest, even to root in some cases. You might want to think about chroot'ing the guest account to restrict access and help prevent someone from doing harm to your system. Check out this tutorial on how to chroot an account
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  3. #3
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    Preventing the Guest account from downloading any files over the internet such as tools could perhaps help u secure the server a bit better. GL

  4. #4
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    Cybr1d > true, preventing downloads would keep a user from getting exploit code or rootkits onto the system, but only for a short while. A determined person would just download to their box, then copy and paste the code, or type it by hand if pasting wouldnt work. Basically to keep that account safe from someoen executing code you not only have to prevent them from getting the tools, but also really you would need to completely disallow access to compilers. Even with no compiler access and the inability to download things from the internet, there is still the chance that they could use a bash script to accomplish some form of privilege elevation. Unfortunately the more secure you make the account, the less features you have available, which hinders the use of the account, so you have to ask yourself what kind of a balance between security and functionality you want.
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  5. #5
    Senior Member
    Join Date
    Mar 2002
    Posts
    442
    . . . tell me how can someone break into my rh 7.3 box using a gust account only so that i can prevent the attack
    Only so you can prevent it? Not trying to pass judgment onto you, but wouldn't it suffice to tell you how to prevent it? And not how to actually gain root. Syini666 and Cybr1d bring up some good basic ideas, but if you are actually just trying to secure and prevent things from happening to this box I would suggest to do a simple google search on securing a guest account on RedHat or Linux.

    And just curious, why is the guest account very important? Guest accounts by definition are insecure because there is no association to the user, and no way to know or make an educated guess as to who is on that box, or was on it. I would strongly recommend for you to just completely disable or remove the guest account to prevent anything malicious from happening with it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •