LinuxQuestions.org


chbin 03-11-2005 01:10 PM

Very curious
 
Assuming I do a complete internal port scan of my Linux box. Then turn off all listening services. Then even if I removed my firewall no one could hack my box. Is this correct?

All they could do is scan me, know that I'm actually there and see all ports closed. Nothing to connect to, and so I can't be hacked?

But they could launch some type of attack against my TCP/IP stack, and bring my computer down, correct? Ping of death or something like that. But still they can't hack my box, just annoy me. Is everything I'm saying correct?

frieza 03-11-2005 01:24 PM

No box is completely secure.

chbin 03-11-2005 01:32 PM

frieza, you are kinda light on the words. Care to elaborate a little? Specifically with my logic and where it breaks down, if it does. Thanks.

frieza 03-11-2005 01:42 PM

Sorry... no matter how hard you try to secure your box, there will be someone out there who will find a hole in that security. The question is not that there is no way to make a box 100% hack proof; you can secure it to the point where it's not worth their time to try and hack you.

PTrenholme 03-11-2005 01:56 PM

If you'd really like a "hack-proof" box, pull the Internet connection plug (because, otherwise, you've allowed data not produced by you to enter the box.)

Then place the box in a locked room, and unplug it from any power source.

This, I believe, would be totally secure. And, of course, totally useless.

My point: What, exactly, do you mean by "hack-proof?" Remember, most "hacks" (of Linux systems, not MS stuff) are done by "trusted users" who abuse their access privileges or just "give away" their password(s).

Even the original MULTICS system was certified only to level B, but that was "good enough" for the White House to use it for its mail system. (During Nixon's term in office.)

chbin 03-11-2005 02:01 PM

Again, can I have specific details as to my argument? WHERE DOES MY LOGIC FROM MY FIRST POST FALL APART? Specific detail.

For example... something like "here is why your argument is faulty": if someone can attack my TCP/IP stack then they could create a buffer overflow turning a service on and then attack that service and so on and so on and so on...

I just made that up. I don't think it's even remotely possible. So is the argument I put up in my first post indeed correct? I believe it to be so. Unless someone could give me a specific detailed reason as to why it falls apart?

I'm really not here to mess with anyone, I'm just trying to learn and would like some serious technical replies as to my argument. Thank you in advance to anyone who can enlighten me.

slacky 03-11-2005 02:17 PM

Yes, you'd be pretty secure but could still be hacked through a hole in the TCP/IP stack. You could also be hacked through a client program on your end, e.g. web browser, email program, etc. Even if you have a firewall, who's to say there's not a security hole in that anyway?

chbin 03-11-2005 02:29 PM

Good stuff slacky. Thanks. So my assumption is correct: with no services listening on any port, then a hole in the TCP/IP stack would be the only thing to attack. Do you or anyone know of, or have ever known there to be, a hole in the TCP/IP stack that would allow an attacker to gain access to my system? The attacker could of course bring your system down and annoy you, but could he actually gain access? I don't think so, am I correct?

And yes, absolutely my web browser, email, and whatever other client program that listens on ports would temporarily increase my attack surface while they are running, but let's just put that aside for the moment and talk about the base system that I put forth in my argument. Good stuff though slacky. Anyone else have any technical comments about this post?

chbin 03-11-2005 03:09 PM

Put a little more clearly. Assuming my first post is done then ...

Attack Surface = TCP/IP stack

There is absolutely nothing else there to be attacked. So that brings it down to one and only one question. Has there ever been a hole in the Linux TCP/IP stack that has been exploited to grant access to the system? Is it possible? Sure, anything is possible. And sure they could attack the TCP/IP stack and crash the system. I don't care. More relevant is: has anyone ever found a way to gain access to the system through the Linux TCP/IP stack?

frieza 08-05-2005 09:29 AM

This thread is old... but slacky has a point... even with a firewall, that won't stop someone from exploiting a hole in say, your web browser, IM client, or ftp client, etc... to install a trojan/backdoor of some sort, then just march in.

tkedwards 08-08-2005 06:35 PM

Quote:

Attack Surface = TCP/IP stack

Theoretically yes. But as soon as you start trying to do something with your computer you will have to start network-enabled services, for example the X server will be started to run any graphical apps. So unless you just want a pretty useless computer with just a kernel running, and nothing much else, you should configure a firewall.

Quote:

There is absolutely nothing else there to be attacked. So that brings it down to one and only one question. Has there ever been a hole in the Linux TCP/IP stack that has been exploited to grant access to the system? Is it possible? Sure, anything is possible. And sure they could attack the TCP/IP stack and crash the system. I don't care. More relevant is: has anyone ever found a way to gain access to the system through the Linux TCP/IP stack?

I'd say there almost certainly would have been at some time in the past. I'm not sure that there have been any recently, i.e. in the last few years.

Capt_Caveman 08-08-2005 07:17 PM

There are also other types of attacks that don't require abuse of a service daemon. Things like ARP poisoning, routing table manipulation and other types of MITM attacks can all be used to compromise a system. They wouldn't do it by themselves; however, you could realistically imagine a scenario where a MITM attack is used to trick a user into revealing a sensitive username/password.

primo 08-08-2005 08:25 PM

A year ago, there was a serious and exploitable bug in netfilter that could be triggered if you were logging TCP options. These holes appear from time to time. Keep up to date with latest vulnerabilities.

Don't underestimate the potential holes in web clients, archivers, graphics & multimedia programs. Don't run these things as root.

Matir 08-08-2005 10:42 PM

If you run no services and keep your kernel up to date, you are reasonably safe. I, however, run a dedicated hardware firewall, as well as client firewalls, and keep kernels and software current. I'm still not 100% secure: you never can be. But most hackers will give up and move on to another, easier, target.

Quote:

When you're swimming in shark-infested waters with your friend, you don't have to outswim the shark. Just your friend.

:)
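Added example, not part of any post in this thread: the "no listening services" check from the first post can be made against the kernel's own socket tables instead of a port scan, which also shows bound UDP ports and separates loopback-only listeners from ones reachable over the network. The function names and sample tables are constructed for illustration, and a little-endian host (e.g. x86) is assumed for address decoding.

```python
import ipaddress

# State column values: 0A = TCP_LISTEN; unconnected (bound) UDP sockets show 07.
BOUND_STATE = {"tcp": "0A", "udp": "07"}

# Constructed sample tables in /proc/net/tcp and /proc/net/udp layout.
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0000000000000000 100 0 0 10 0
   2: 0A00000A:C350 010200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1003 1 0000000000000000 20 4 30 10 -1
"""
SAMPLE_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   0: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 2001 2 0000000000000000 0
"""

def decode_addr(hex_addr):
    """Decode the kernel's hex address (each 32-bit word in host byte order)."""
    raw = bytes.fromhex(hex_addr)
    # Assumption: little-endian host, so every 4-byte word is reversed.
    return ipaddress.ip_address(b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4)))

def bound_sockets(table_text, proto):
    """Return (proto, ip, port, scope) for every socket waiting for inbound traffic."""
    found = []
    for line in table_text.splitlines()[1:]:  # first row is the column header
        fields = line.split()
        if len(fields) < 4 or fields[3] != BOUND_STATE[proto]:
            continue  # established or closing connections are not listeners
        hex_ip, hex_port = fields[1].split(":")
        ip = decode_addr(hex_ip)
        scope = "loopback-only" if ip.is_loopback else "network-reachable"
        found.append((proto, str(ip), int(hex_port, 16), scope))
    return found

def exposed(sockets):
    """Keep only sockets a remote host could send packets to."""
    return [s for s in sockets if s[3] == "network-reachable"]

if __name__ == "__main__":
    for name in ("tcp", "tcp6", "udp", "udp6"):
        try:
            with open("/proc/net/" + name) as table:
                for sock in bound_sockets(table.read(), name.rstrip("6")):
                    print(*sock)
        except FileNotFoundError:
            pass  # protocol not enabled, or not a Linux host
```

In the constructed sample, the bound UDP port 68 (the port a DHCP client uses) is reported as network-reachable even though no server daemon is running, while the outbound connection in state 01 is correctly ignored.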


All times are GMT -5.