Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Ok, so you know this is a bad idea. If your Linux server is connected to the net, and someone is able to put a sniffer on your box you're basically fscked. Read man login, look for /etc/securetty, for devices add the pseudoterms under /dev/pts/ .
Originally posted by unSpawn Ok, so you know this is a bad idea. If your Linux server is connected to the net, and someone is able to put a sniffer on your box you're basically fscked. Read man login, look for /etc/securetty, for devices add the pseudoterms under /dev/pts/ .
but sniffing the network would require root acess or a high level user acess to the machine correct? or root acess on the windows box...
cacheflow: ()require root acess or a high level user acess () or root acess on the windows box...
Ok, so how would a cracker get access to a box that runs some unprotected and vulnerable version of any lpd/BIND/sendmail/RPC daemon, or tru a user account with access to, say, a vulnerable version of any SUID app, old version of man, cdrdao, sudo+postfix, etc, etc?.. Hmm, then there's the concept of "trusted relationships", for example something like the old fetchmail bug shows. This way a cracker would try to break another box, which in turn would allow for to try and gain access to the "target". Never seen the "default password lists" for targets like Cayman's, Bay Netw. ASN/ARN, Cisco's, Flowpoint DSL routers, As/400's, RS/6000's, etc, etc?
*Btw, Im not propagating malicious activity here, just showing there's lotsa possibilities for ppl with too much time on their hands out there. Ofcourse there's lotsa fixes as well, some ppl just forget to implement 'em :-[
And unless you're running NT4/W2K/XP you're always "root" on a Wintendo box, and Im not going into breaking NT4/W2K/XP, its been in the news for about, what, 6yrs now :-]
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
