Date: Tue, 29 Jul 1997 18:45:10 -0400 (EDT)
From: Aaron Bornstein <aaronb@j51.com>
To: Vincent Poy <vince@mail.MCESTATE.COM>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: securelevel (was: Re: security hole in FreeBSD)
Message-ID: <Pine.BSF.3.96.970729183123.9258A-100000@j51.com>
In-Reply-To: <Pine.BSF.3.95.970729143706.3844g-100000@mail.MCESTATE.COM>
[Cc list trimmed, I'm assuming most of those people are on the list -- AB]

On Tue, 29 Jul 1997, Vincent Poy wrote:

> You would think your toaster is unhackable. So is a Leica camera
> lens but they still have ways to hack it. Also, just for your
> information, the root password isn't even used that often. It is only
> used every time the machine boots up since I run screen and I am connected
> 24 x7 and reattach the screen session when necessary.
>

Great, now you've effectively given everyone who sniffs your connection
instant root access, no extra passwords necessary. Using screen in this
manner merely opens another path to root, through an account not afforded
anywhere near the same protection by the operating system.

> another machine and tracked him down and killed his connection. jbhunt
> was running a portscanner to check for any daemons running on a higher
> port number but didn't find any.
>

Don't forget the possibility of an existing daemon (such as telnetd or
ftpd) being modified slightly to allow remote access root access to a
certain site or (more likely) anyone who presents the proper backdoor
phrase/environment variable. [I believe JKH mentioned this already]

> True but the problem is we wished we had console access. If we
> did, none of this would even happened I think.
>

Bullshit. If console access was available, the only portion of this
process that would be made easier is the cleanup. Console access does not
significantly raise your chances of -preventing- attacks.

--Aaron
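
The point above about a modified telnetd or ftpd is that a port scan sees nothing new, because the altered daemon listens on its usual port. The following is an added example, not part of the original message: a digest comparison of daemon binaries against a baseline recorded earlier. The file names, file contents and the choice of SHA-256 are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Digest the file contents in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(paths):
    """Record one digest per binary; keep the result off-host or on read-only media."""
    return {p: sha256_file(p) for p in paths}

def audit(baseline):
    """Compare the current files with the baseline: ok, MODIFIED or MISSING."""
    report = {}
    for path, digest in baseline.items():
        if not os.path.isfile(path):
            report[path] = "MISSING"
        elif sha256_file(path) != digest:
            report[path] = "MODIFIED"
        else:
            report[path] = "ok"
    return report

def demo():
    """Constructed stand-ins for the daemon binaries, written to a temp directory."""
    with tempfile.TemporaryDirectory() as d:
        telnetd, ftpd = os.path.join(d, "telnetd"), os.path.join(d, "ftpd")
        for path, body in ((telnetd, b"telnetd build A"), (ftpd, b"ftpd build A")):
            with open(path, "wb") as f:
                f.write(body)
        baseline = build_baseline([telnetd, ftpd])
        before = os.stat(telnetd)
        # Replace the contents with the same number of bytes, then restore the
        # timestamps, so a size/mtime comparison would report no change.
        with open(telnetd, "wb") as f:
            f.write(b"telnetd build B")
        os.utime(telnetd, ns=(before.st_atime_ns, before.st_mtime_ns))
        after = os.stat(telnetd)
        metadata_unchanged = (before.st_size, before.st_mtime_ns) == (after.st_size, after.st_mtime_ns)
        report = {os.path.basename(p): s for p, s in audit(baseline).items()}
        return report, metadata_unchanged

if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the baseline and the tool doing the hashing, so both should come from media the suspect host cannot write to.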