[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How secure am I?

hi ya patrick

yup...probably 80-90% of secruity breaches of various sources are
internal...

- samba is not bullet proof... had a major bug/exploit in it about
  2 months ago...

- yup .. not as many exploits lately... for sendmail/exim...
	- its been well tested/reviewed ???

have fun
alvin
http://www.Linux-Sec.net...

--
-- http://www.Linux10.org ... linux' 10th Anniversary Picnic/BBQ
--

On Fri, 3 Aug 2001, Patrick Kirk wrote:

> Sorry if I appear complacent below but remember I'm running Woody with
> dynamic IP addressing.  A cracker would need to be very fast and up to date.
> Or to have been watching Swordfish in which case he's have to find someone
> to hold a gun to his head and provide a blonde to give him a blowjob.
> 
> Actually, there's probably quite a few people who would take up cracking
> just for the blowjob!
> 
> | nope... the box is NOT secrure...never is...
> |
> | just depends on who the attacker is...if they wanna get in..they willl
> 
> They won't.  I've never had an intrusion on a public facing box.  Even the
> old ipfwadm rules on Slink make it impossible to get in.  It's important to
> remember that a server that's hacked twice gets taken offline and formatted.
> If it happens to a few boxes, the OS goes out of fashion.  Linux is actually
> very hard to attack from outside the firewall.  Most serious hits come from
> employees.
> 
> | there is no point nowdays to be running discard, daytime, time
> 
> Damned if I know why they are there.  Sometimes Linux seems swamped in
> cruft.  But when I cut it away, sometimes things break :-(
> |
> | no reason to run netbios-ssn unless its a samba server that
> | requires/allows winXX users to write data to this machine
> 
> It is.  My kids use it to store games.  And I know security conscious folk
> hate this.  But samba is bullet-proof.  I've never heard on an exploit that
> can get past eth0 if samba is restricted to eth1, or ppp0 if samba is
> restricted to eth0.  These bindings do work.
> |
> | ssh is being attacked/exploited on a regular basis
> 
> Is OpenSSH capable of being taken down from outside the firewall?  ssh is
> the main reason I like Linux. In my last house, I had ADSL and no Linux
> drivers.  I worked in the top floor with the server in the garage.  I got
> heartily sick of having to traipse down the stairs to open and close the
> connection every time the DSL network went funny.  I yearned for ssh.  Sad
> or what?  Luckily now I have Linux I can return to normality and yearn for
> Cameron Diaz.
> 
> | smtp is notorious for exploits...
> 
> Um.  No it isn't.  Its notorious for being left open.  Even old sendmail
> hasn't had a seriuos exploit in years, let alone exim.  Actually, has exim
> ever been used to take down a server from outside the firewall?
> 
> | http is being attacked/exploited regularly...
> 
> Last apache exploit with root access was over 3 years ago.   Perhaps it can
> be be used as a trojan but I'm not perpared to worry about that.
> 
> | printer is attacked regularly...
> 
> Oh.  Is there a way to bind printer to an interface?
> 
> |
> | so far...all the ports you have open are those that exploits already
> | exists.....
> | - run the exploits and see if it gave a reg user root access
> 
> That's a bit time consuming.  I could pull Cameron Diaz in the lenght of
> time that would take...and it should be less frustrating!
> 
> What's the general opinion on Port Sentry?  It stops nmap on the remote host
> I was using but I hadn't bothered to use stealth.
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>
Reply to: