Re: root login

To: debian-gtk-gnome@lists.debian.org
Subject: Re: root login
From: Michael Toomim <toomim@uclink4.berkeley.edu>
Date: Wed, 30 Apr 2003 09:51:15 -0700
Message-id: <[🔎] b8ours$rau$1@main.gmane.org>
In-reply-to: <[🔎] 20030430110858.GE30525@jaimedelamo.eu.org>
References: <[🔎] 20030425164022.GC494@lazarus> <[🔎] 1051291323.3ea96ebb18853@mail.dominicanrepublic.com> <[🔎] 20030426043435.GF494@lazarus> <[🔎] 3EAAF3B3.1020303@ocf.berkeley.edu> <[🔎] 20030427025246.GB4889@lazarus> <[🔎] b8jtq0$7um$1@main.gmane.org> <[🔎] 20030429144238.3962eec8.hylke@pkedu.fbt.eitn.wau.nl> <[🔎] b8mgli$i2l$2@main.gmane.org> <[🔎] 20030429195327.GA30525@jaimedelamo.eu.org> <[🔎] b8ms05$gqr$1@main.gmane.org> <[🔎] 20030430110858.GE30525@jaimedelamo.eu.org>

Jose Carlos Garcia Sogo wrote:

On Tue, Apr 29, 2003 at 02:50:02PM -0700, Michael Toomim wrote:

  And how services are being runned in each one? Is the Linux one a net
  server and the windows one a desktop box? Are you taking care of

Yes. That's my point. People break into servers more than desktopmachines because then they can host warez on servers. But of course,any unix *desktop* also has the potential to be a server, so it doesn'tmatter if I only use it as a desktop. Crackers will turn it into aserver if they can.

  installing security fixes? Are you taking care of closing services you
  don't need to be provided to the Internet?

Yes, I turned off all unneeded services, etc. The latest breakin was adebian stable (woody) machine that had been upgraded daily with all thelatest security updates. I think this was because of a flaw in thecommercial ssh package (ssh2). I realized after a while that it was areally old version, and nobody at debian seemed to be maintaining iteven though it was a huge security hole. I reported a bug, but it tooka couple months for them to remove it from debian, and I had alreadybeen rootkitted by then.

  Security is something active.

This is an irrelevant point to the thread. I'm not blaming linuxsecurity, I'm just saying that there are a lot of people and programsout there trying to break through linux security systems. That point istrue no matter how hard I'm working to protect my computers.

  But if you get the software from verified locations (which usually
  means Debian, as you can get 99% of the software there) you won't be
  infected.


Well, I got that ssh2 package from debian.  It fucked me over.

The only difference between a multi-user system and a single-user systemfrom a virus-protection perspective is that it's possible to infectmultiple users simultaneously on a multi-user system. That'll *really*slow your workstation to a crawl. :)
  How? I cannot infect another user in this machine, because I don't
  have rights to do so.

Say you have an email virus spreading across the internet. With amulti-user system, a single computer can get infected multiple times --once for each user that runs the attachment in his/her email.

Reply to:

Follow-Ups:
- Re: root login
  - From: Jose Carlos Garcia Sogo <jsogo@debian.org>

References:
- Re: root login
  - From: Jeff Waugh <jdub@perkypants.org>
- Re: root login
  - From: Jenner Almánzar <naldiello@dominicanrepublic.com>
- Re: root login
  - From: Jeff Waugh <jdub@perkypants.org>
- Re: root login
  - From: Michael Toomim <toomim@OCF.Berkeley.EDU>
- Re: root login
  - From: Jeff Waugh <jdub@perkypants.org>
- Re: root login
  - From: Michael Toomim <toomim@uclink4.berkeley.edu>
- Re: root login
  - From: Hylke van der Schaaf <hylke@pkedu.fbt.eitn.wau.nl>
- Re: root login
  - From: Michael Toomim <toomim@uclink4.berkeley.edu>
- Re: root login
  - From: Jose Carlos Garcia Sogo <jsogo@debian.org>
- Re: root login
  - From: Michael Toomim <toomim@uclink4.berkeley.edu>
- Re: root login
  - From: Jose Carlos Garcia Sogo <jsogo@debian.org>

Prev by Date: Re: root login
Next by Date: Re: root login
Previous by thread: Re: root login
Next by thread: Re: root login
Index(es):
- Date
- Thread