Re: /lib/security/.config

From: David Hart (news-post@mcdh.co.uk)
Date: 03/13/02


From: David Hart <news-post@mcdh.co.uk>
Date: Wed, 13 Mar 2002 18:55:47 +0000

Peter Eddy <petere@atg.com> wrote:

> David Hart wrote:
>>
>> So you're saying that with your 'personal' firewall you've been cracked
>> often enough to gain an opinion on what crackers install? Kind of
>> devalues the perceived value of your experience, doesn't it?
>
> By personal I mean a firewall for my home network, one not used for a
> business. I don't think that's an uncommon enough use of the term
> "personal firewall" to warrant the apparently pejorative quotes in your
> comment.

I was merely emphasizing that your opinion about 'most rootkits' was
derived from your experience with your _one_ personal firewall. Hardly
likely to be of value anecdotally, let alone statistically.
 
> As far as my record, I've had the firewall in question for about six
> years. Four cracks in six years isn't a bad record for a non diligently
> maintained home Linux based firewall with a static IP address. The most
> recent one was the SSH vulnerability and I was cracked just hours after
> learning about it.

Well my first reaction, on learning of a vulnerablility of a service I
was running, would be, if it was reasonably possible, to disable that
service and block it at the firewall until a fix was available.

Now if you'd said that you were cracked a few hours _before_ learning
about it . . .
 

-- 
David Hart
david@mcdh.co.uk



Relevant Pages

  • Re: Hacker in my computer
    ... I think someone used a sniffer to get my passwords as I used telnet to ... > I was always online and I guess a big target for crackers since I was online for ... > several weeks before I set up my firewall. ...
    (comp.os.linux.security)
  • Re: /lib/security/.config
    ... >>> So you're saying that with your 'personal' firewall you've been cracked ... >>> often enough to gain an opinion on what crackers install? ... Four cracks in six years isn't a bad record for a non diligently ... > It doesn't excuse you getting cracked through negligence, ...
    (comp.os.linux.security)
  • Re: Maybe a bit OT, maybe not.. in any case an interesting article
    ... The crackers examine the patches to find out where the ... having a good router and other firewall protection. ... And the most common types of exploits are not other users contacting your machine, but you inadvertedly and unknowingly downloading software that exploit your system, and that software then connects to some exterior host, thereby setting up an access vector to your computer. ...
    (comp.os.vms)
  • Re: Maybe a bit OT, maybe not.. in any case an interesting article
    ... The crackers examine the patches to find out where the ... having a good router and other firewall protection. ... And if you read what I replied to, that poster explicitly pointed out that he was not referring to the firewall built into Windows, but external fire walls. ... I could also point out that the built in protection tools are not really that good at protection you either... ...
    (comp.os.vms)
  • Re: /lib/security/.config
    ... >> personal Linux firewall I've noticed that crackers have never bothered ... recent one was the SSH vulnerability and I was cracked just hours after ...
    (comp.os.linux.security)