[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: hack concerns

To: klug@xxxxxxxxxxxxxxxx
Subject: Re: hack concerns
From: Bruce Smith <bruce@xxxxxxxxxxx>
Date: Wed, 02 Dec 1998 14:53:34 EST
In-Reply-To: <3.0.5.32.19981202123028.007b0e70@smtp.net-link.net>; from "Tony Gettig" at Dec 02, 98 12:30 (noon)

> I realize that any OS has the potential for having security holes. Would
> anyone care to comment on the risk of the tools on this link? How afraid
> should I be of people who have them (or write them!)? What can/should I do
> to protect my Linux systems from this stuff? Is there any logical reason I
> would want to use these, i.e. root password is forgotten? Should I be
> concerned when I logon to my ISP with Linux? 

There are security risks with Linux, which can be minimized by good
admin/security practices.

First keep up on all security patches.
  If you look at http://www.redhat.com/support/docs/errata.html
  Redhat 5.2 for Intel has 5 updates already, and ALL of them
  are security fixes.  This is the main reason I created BSware
  in the first place - to ease updates and installs with one CD
  that contains all current updates and fixes.

Learn about Unix security.  There are a lot of good books on the subject.
  As an example:  A lot of services are installed by default.  Some of 
  them you may not need, and turning them off can enhance your security.  
  For instance, "telnetd" is almost always installed by default.  If you 
  don't want people trying to login into your machine over the internet 
  (it has happened to me once - unsuccessfully), you have to turn it off 
  manually.  The same goes for Sendmail, ftpd (ftp server) and a lot of 
  other services.

A lot of these exploits require a potential cracker to already have an
  account on your Linux box.  If you are the only user, or you can trust
  your users, this eliminates most of the threats.

A lot of those exploits are for other versions of Unix (AIX, etc), and
  would not be a threat to Linux.  And a lot of the Linux hacks were
  for old versions (Redhat 2.1) which problems have been fixed long ago.

If you follow good security practices, and keep your system up to date
  with the latest errata, Linux/Unix is as secure (if not more secure)
  as most other operating systems.

As far as using these hacks to recover a lost root password, it is not
  necessary.  (and not recommended -- it is not a good security practice
  to run a program from a unknown or hostile site!)  The root password
  can be recovered by normal admin procedures, proviced you have physical
  access to the machine.

> I'm not trying to encourage the download and use of this stuff, ...

Nice disclaimer.  You must work for a lawyer!  ;{)

> Thanks for any comments. I really enjoy reading this mailing list and have
> learned a LOT about Linux from it and conversations with KLUG members at
> the few meetings I've been able to attend. I plan to attend much more as we
> reach the turn of the year. I've been able to convert my home system to
> primarily run RH5.1 (I can optionally boot to Win95 for a certain app and a
> couple of games), and I must say it is great! KDE is very slick and I'm
> looking forward to Bruce's presentation on it. Bye for now!

Sure, try and butter me up after posting Linux hacks!  :{)  [Just kidding!]

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------

Follow-Ups:
- Re: hack concerns
  - From: Mark Storer

References:
- hack concerns
  - From: Tony Gettig

Prev by Date: Comparison of NT & Unix
Next by Date: Re: hack concerns
Prev by thread: hack concerns
Next by thread: Re: hack concerns
Index(es):
- Date
- Thread