linux security wargame testing. interested? - Page 4
Page 4 of 4 FirstFirst ... 234
Results 31 to 34 of 34

Thread: linux security wargame testing. interested?

  1. #31
    Senior Member
    Join Date
    Feb 2005
    Posts
    153
    Msmittens I will certainly consider that. I'm not going to do an entire lock down, but it never hurts to secure the box to it's upmost capability. Could you go a bit more in depth on how sendmail could be exploited locally, even if the daemon is not running? Give those other people who may be watching this thread a good idea on what to look for in their own machines.
    \"It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.\"
    - Charles Darwin

  2. #32
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Hrmm... it was a while ago but I believe it was a prescan() buffer overflow exploit that I ran across. It was a bit funny since it was a demonstration to students (made it a little too easy) and literally gave me root on the box even though the machine wasn't running sendmail officially. Just by virtue of it being used to send mail between users locally meant the system could be compromised. The original C code should be searchable on Packet Storm Security
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #33
    Senior Member
    Join Date
    Feb 2005
    Posts
    153
    Server seems to be down for some odd reason. Roommate probably turned it off (sob), and I'm away from my house right now so I'll see what I can do in a few hours.
    \"It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.\"
    - Charles Darwin

  4. #34
    Senior Member
    Join Date
    Feb 2005
    Posts
    153
    Server is back up and running. Also completely removed the sendmail package from the system.
    \"It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.\"
    - Charles Darwin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides