Re: [linux-security] Re: Checking remote servers

[ArthaXerxes <xerxes-axx altern org>]

At 18:47 12/05/98 -0400, you wrote:

>With the number of insecure machines out there, unless you had some REALLY
>valuable data, I can't see a hacker going through enough trouble to
>rewrite parts of the kernel to cover their tracks.  I think it they would
>probably just go find a less secure machine.

I disagree, to an extend.
Hacking an insecure machine is not a challenge, experimented hackers like
difficulty. Furthermore, it is a good thing to experience on not sensible
servers some attack scheme to reproduce them on major servers, that do not
have the same sense of humor.


Anyway, if you are really hacked by a l33t hacker, he will not damage your
system, and he may even mail you a fix if he is in a good mood.
It is oubvious that if you are the keeper of valuable data, you cannot even
allow such intrusion.

Of course, those who just try /cgi-bin/php?/etc/passwd and classic holes
without really understanding what they are doing will not cause you problem
if you are doing your job seriously.

But, well, I have seen military servers that let the shadowed password file
accessible via anonymous ftp (and the passwords worked), so I suppose
everything is possible...

---

ArthaXerxes - network hacker/hunter
Evaluation of your security for free and without any prior request.

ArthaXerxes' Archive > http://altern.org/xerxes/
        SMI FAQ bêta > http://altern.org/xerxes/smi/