01-26-2006, 04:43 PM
#1
Member
Registered: Sep 2005
Location: Warsaw, Poland
Distribution: Slackware 10.2, Caldera OpenLinux 3.1, Corel Linux (Thanks xhi!), Debian GNU/HURD etc...
Posts: 296
Close one -- desktop almost compromised.
Jesus, I got almost compromised a few days ago. Fortunately I had chkrootkit installed, because I suddenly had root login on ttyp0.
I quickly cut that one off, but a few of the text files in /root contained only " --||--". Must have been one of those damn script kiddies... Cause who would care to break into a desktop?!

01-26-2006, 06:04 PM
#2
Moderator
Registered: May 2001
Posts: 29,415
Quote:
I got almost compromised a few days ago. Fortunately I had chkrootkit installed, because I suddenly had root login on ttyp0.

That is not a logical conclusion: if you had an unauthorised root account login your box probably *is* compromised. Did you already start investigating it?

Quote:
Cause who would care to break into a desktop?!

Because you practically invited them in? Or because Linux is a more versatile and powerful platform?

01-26-2006, 06:51 PM
#3
Member
Registered: Sep 2005
Location: Warsaw, Poland
Distribution: Slackware 10.2, Caldera OpenLinux 3.1, Corel Linux (Thanks xhi!), Debian GNU/HURD etc...
Posts: 296
Original Poster
Yes, I did investigate. Pretty much nothing... but at least I know and have fixed the security issue. I don't think that a man who encrypts his hd, mixes his nine-symbol password with blf and is behind a firewall invites every passing kiddie. And, man -- think what you are saying. Both BSD and Linux are secure and versatile. Come on, spread Linux advocacy, but don't be a fanatic. Say, OpenBSD. Is there a Linux that is _half_ as secure?

01-26-2006, 07:29 PM
#4
Moderator
Registered: May 2001
Posts: 29,415
BTW, this is the Linux - Security forum: you may show your leet BSD pissing-contest-fu in the LQ /General dojo.
Last edited by unSpawn; 01-26-2006 at 08:03 PM.

01-26-2006, 07:45 PM
#5
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
Quote:
Originally Posted by BinJajer
at least I know and have fixed the security issue.

what was the security issue?? how did you fix it??
how do you know they didn't leave any other backdoors, etc?? if they had root your system is pretty much untrustable until you re-install...

Quote:
I don't think that a man who encrypts his hd, mixes his nine-symbol password with blf and is behind a firewall invites every passing kiddie.

disk encryption does absolutely nothing as far as OS exploits are concerned...

Quote:
And, man -- think what you are saying. Both BSD and Linux are secure and versatile. Come on, spread linux advocacy, but don't be a fanatic. Say, OpenBSD. Is there a Linux that is _half_ as secure?

before this thread turns into a pissing contest (i have a feeling that it will), i'd like to remind you that security is a P-R-O-C-E-S-S, not a product... just cuz you install openbsd doesn't make you any more secure than a [insert favorite distro here] linux user... it depends on many factors, like your skills/experience, for example...

Quote:
who would care to break into a desktop?

someone wanting to send-out 3,000 SPAM messages per minute maybe?? or someone wishing to make a nice addition to their botnet, keeping you on standby for their next big DDoS?? the list of "who" is endless...
they need not be after your info, but resources such as bandwidth are very attractive to a lot of people and the worms they give birth to...
Last edited by win32sux; 01-26-2006 at 07:50 PM.

All times are GMT -5.