Re: /lib/security/.config

From: David Hart (news-post@mcdh.co.uk)
Date: 03/13/02

• Next message: Zoro: "Re: Prevent SSH Version Info?"
• Previous message: Tim Haynes: "Re: /lib/security/.config"
• In reply to: Peter Eddy: "Re: /lib/security/.config"
• Next in thread: Mike Ingle: "Re: /lib/security/.config"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: David Hart <news-post@mcdh.co.uk>
Date: Wed, 13 Mar 2002 18:55:47 +0000

Peter Eddy <petere@atg.com> wrote:

> David Hart wrote:
>>
>> So you're saying that with your 'personal' firewall you've been cracked
>> often enough to gain an opinion on what crackers install? Kind of
>> devalues the perceived value of your experience, doesn't it?
>
> By personal I mean a firewall for my home network, one not used for a
> business. I don't think that's an uncommon enough use of the term
> "personal firewall" to warrant the apparently pejorative quotes in your
> comment.

I was merely emphasizing that your opinion about 'most rootkits' was
derived from your experience with your _one_ personal firewall. Hardly
likely to be of value anecdotally, let alone statistically.
 
> As far as my record, I've had the firewall in question for about six
> years. Four cracks in six years isn't a bad record for a non diligently
> maintained home Linux based firewall with a static IP address. The most
> recent one was the SSH vulnerability and I was cracked just hours after
> learning about it.

Well my first reaction, on learning of a vulnerablility of a service I
was running, would be, if it was reasonably possible, to disable that
service and block it at the firewall until a fix was available.

Now if you'd said that you were cracked a few hours _before_ learning
about it . . .
 

-- 
David Hart
david@mcdh.co.uk

---

• Next message: Zoro: "Re: Prevent SSH Version Info?"
• Previous message: Tim Haynes: "Re: /lib/security/.config"
• In reply to: Peter Eddy: "Re: /lib/security/.config"
• Next in thread: Mike Ingle: "Re: /lib/security/.config"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Hacker in my computer ... I think someone used a sniffer to get my passwords as I used telnet to ... > I was always online and I guess a big target for crackers since I was online for ... > several weeks before I set up my firewall. ... (comp.os.linux.security) Re: /lib/security/.config ... >>> So you're saying that with your 'personal' firewall you've been cracked ... >>> often enough to gain an opinion on what crackers install? ... Four cracks in six years isn't a bad record for a non diligently ... > It doesn't excuse you getting cracked through negligence, ... (comp.os.linux.security) Re: /lib/security/.config ... >> personal Linux firewall I've noticed that crackers have never bothered ... recent one was the SSH vulnerability and I was cracked just hours after ... (comp.os.linux.security) Worst case scenario..... ... No firewall on Linux box or anything else....virus definitions on the Win ... what exactly the crackers would be doing to exploit this. ... Linux machines seem to be pressed into service as firewalls/gateways and ... (comp.os.linux.security) Worst case scenario..... ... No firewall on Linux box or anything else....virus definitions on the Win ... what exactly the crackers would be doing to exploit this. ... Linux machines seem to be pressed into service as firewalls/gateways and ... (comp.os.linux.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2002-03