[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linuxtag

Russell Coker <russell@coker.com.au> writes:

>> Ok, then we have one ftp Server. :)
>> Do you have an SE Enhanced FTP Server ? :)
> I have a policy for ftp servers that is quite restrictive.  We could 
> intentionally install an old FTP server with a security hole if you
>> like.  ;) 

Och. No. :)
install muddleftpd :)

> Someone who breaks it will only be able to run "ls" and can't write to any 
> file.  The only raised priviledge level of the FTP server is the ability to 
> log to syslog.

Hmm, muddleftpd is out then. It has its own logging :)

> One of my future plans is to write some sample exploitable programs and 
> exploit programs for them, then I can demonstrate how such programs allow 
> root exploits on unprotected systems but don't allow anything on SE systems.

Hmm, sounds nice.
This Linuxtag has a very good site: I get a full configured Debian SE
System. (And i kill you if you rm -rf / that on 9. Juni ! ) :))

begin  OjE-ist-scheisse.txt
bye, Joerg
Registered Linux User #97793 @ http://counter.li.org

To UNSUBSCRIBE, email to debian-events-eu-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: