But even if one managed to get access to someone's box via some bad browser plugin or something, he would only have user rights on that machine. This reduces the harm that could possibly be done to deleting the user's downloads from the aforementioned www.penispills-pron-and-warez.com. Of course it's necessary to apply security updates and have strong passwords, but basically the Linux security model is strong by itself. It requires the user to think though. (And that's a good thing.)
Heh, that's cute. I'll give you an example:
They get in through there and then have access to only that user's account.
After that they use a local exploit or 0-day to get priv escalation, and THEN they have root through a browser.
For the record I never said Slackware or an OS was at fault for a design flaw in some idiot's plug-in, I just said it would work to get you in.
Quote:
And, as you already denoted: The only secure box is of course one that is safely locked away in a room without electricity.
I agree. Even if that DOES make it about as useful as Windows NT.
SlackWareWolf, a lot of those attacks you posted are the fault of the web designer and not the OS (SQL injection? That's largely OS-independent and is due to crappy webpage writing).
Read what I said, I didn't say it had a thing to do with the OS. I just said it was a way in.
Quote:
I'd be more than happy to admit Linux is less secure if I found actual evidence, but I don't think that page is it. (I'm also too lazy to go look for more evidence, but if you really want to make your point feel free)
I wouldn't. Linux gives you a chance to do something you can't do in Windows; Become good enough, or hire someone who's good enough, to basically hack the Kernel itself down to NOTHING but what you have to have to run a server, and basically drop ALL packets that aren't related.
That's something you can ONLY do in UNIX as Windows just doesn't give you shit in the way of Kernel configuration.
I have a friend who works in a VERY secure area. He's one of the BEST Hackers I know. He basically has taken a handful of servers, and hacked the server right into the Kernel and stripped out everything else that isn't needed for the machine to boot. All packets not related to that service are dropped, and basically, that is one of the most secure servers around.
By the way, when I say "hacker" I'm not referring in any way to brain dead morons in the media who think a kid downloading a DDOS tool is somehow a hacker. My friend is a true hacker. And one of the few people I know who codes in the Kernel. Which is probably why he makes as much as he does every year heh.
That's how you lock down a box! I can't even begin to think of how I'd do that, but I know it's pretty damn hard to get in after someone has taken time to do it. I mean really they don't even need to update, any packet sent from someone trying to get in is dropped and since the server itself is in the Kernel, you don't need much else. The only thing left is a Kernel basically.
For crappy web page writing, google "goolag" it's basically for that very thing. It's from cDc.
FUD? About what? FUD generally means someone is spreading crap rumors to make something else look better. I haven't ONCE said any OS was better than any other in this whole thing. Other than when I said UNIX based stuff is way easier to lock down because you have access to every part of the system and can lock each of those parts down.
Quote:
Of course you are vulnerable when running httpd, of course you are when running sshd. And so on. But please someone tell me where one is vulnerable not running services like that and not running as root. Read: An average, mildly security-aware desktop user.
Turn off all services and don't run as root and I can tell you flat out someone else will be able to.
It's easy. Say a user has no services but is running... Well anything. I'll use BitchX as an example here. An IRC client is fairly common software so I'll go with that.
Well, say that user is on IRC and accepts something from another user and they use a 0-Day exploit for BitchX that allows them to get in from IRC. Well after they're in, they can do priv escalation to get to root.
That has actually happened to a friend of mine. Someone used a 0-Day to get in from IRC, and it was actually Irssi, and then once they got in they did priv escalation to get to root.
Now, how about some other software? How about a web browser? Well, same thing, every piece of code usually has some type of flaw in it, and someone can get in from the browser. Well even if the user isn't logged in as root, they still have access to that account now.
And priv escalation is one of the OLDEST forms of gaining root access on UNIX, and still works. Once they do that, root.
Sure I've rooted machines before too, but all those that I rooted were old and running really old software, like Slackware 9 when there was already Slackware 11 available and other really old machines, like some Red Hats I don't remember the version but some were around 4-5 or something like it, when there was already Red Hat 8 or 9 available. I never could get a machine with newer versions.
Other than the Redhat versions you named off, those are all still supported with security fixes, so that isn't the best point in saying it was because of old software. Now if someone was still running RedHat 8 or 9 NOW, THEN I would say OK that's dumb unless they update and upgrade every part by hand.
Quote:
I know there is some certain % of viruses available for Linux, but Linux has a design which makes it harder for viruses to get through, mainly because no one actually uses root for daily operations, so you infect only your home directory, the system stays stable. And another thing, Linux does have less % of people who use it, but most of all its users are more advanced, more elite if you like it that way. But as Linux becomes more user friendly more "click-click" users migrate from Windows to Linux.
That's basically what I said really.
Quote:
And I do realize that just closing down all ports doesn't make it "un-crackable", but it sure makes it harder.
Yup, basically what I said.
Quote:
Oh and brute-force is actually really stupid,
Yea, I believe my wording was "This is usually only done by amateurs against other amateurs who are vulnerable to it" or something like that.
Quote:
I had a couple of laughs when I went through the logs, what kind of usernames it's trying to crack etc. I've applied a protection against it only because it was making log reading so much harder (I don't use any special tools for log checkup, plain VIM), so I've applied blockhosts or what's it called to stop them a little bit. I also disabled root login through SSH, and in /etc/shadow I changed root's password with a *, and configured sudo for myself and my other server admin. I've tried a local brute-force on /etc/shadow to see if I can crack some passwords, left it running for like 5 days or so, none could be cracked. I even control my outbound traffic on the server so I think my box is pretty secure, not un-crackable though, which I think none is.
Nice. One thing you may like, is in SUSE Linux, they have this "seccheck" and "security scripts" that run every night and then it takes the results AND all the logs that are "caution" or whatever (you set the level of logging you want and what you want to look at) and it emails the whole thing to you every night along with a list of SUID and other files to watch for and also runs a password cracker to tell you if any passwords should be changed.
Also it shows open ports too.
I really thought it was great, it made that job MUCH easier. Basically I'd get an email every night (You tell it what email address to use and can tell it to send them to root AND another email addy so you can have a good copy of them sent to a Gmail account or whatever for offsite back ups of logs) and then I could sit and read what accounts were there, if any updates were available, everything. It's a great little set up they have there.
Should work fine in Slackware too. SUSE was originally just a German translation of Slackware Linux before they started making their own distro which was actually BASED on Slackware for a long time, and I think it still is but I haven't checked in a while.
They started their company selling Slackware on CD and doing translations into German.
SUSE is the second oldest distro, and that is basically because they didn't start until Slackware. They really liked it obviously.
Anyway that is the last reply I think, I had to quote everyone since there were so many replies I didn't want to just reply to everything in one.
Enjoy!
And if you get bored reading my replies, my sig on here, the Myspace one, is a link to MY Myspace account for music.
I make music with LMMS on Linux and upload it on there. Enjoy that too, I'm obsessed with Horror movies.
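The quoted post above describes two of the standard hardening steps (root login over SSH disabled, the root account locked in /etc/shadow). As an added example that is not from this thread, here is a small POSIX sh script that checks both on copies of the files; the function names are mine, and it does not handle sshd_config Match blocks.

```shell
#!/bin/sh
# Added example (not from the thread): verify that root SSH login is off and root is locked.
# Both functions take a file path so they can be run against copies, e.g. from a backup.

# Print the effective PermitRootLogin value from an sshd_config.
# sshd uses the FIRST occurrence of a keyword, so a later duplicate does not override it.
# Prints "unset" when the directive is absent (the daemon's compiled-in default then applies).
permit_root_login() {
    awk 'tolower($1) == "permitrootlogin" { print $2; found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Return 0 (true) if root's password field in a shadow-format file is locked:
# a lone "*" (what the poster used) or anything starting with "!" (what passwd -l writes).
root_locked() {
    field=$(awk -F: '$1 == "root" { print $2; exit }' "$1")
    case "$field" in
        '*'|'!'*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Stand-alone run against the live files (needs root to read /etc/shadow).
if [ -z "${CHECK_QUIET:-}" ] && [ "$(id -u)" -eq 0 ]; then
    echo "PermitRootLogin: $(permit_root_login /etc/ssh/sshd_config)"
    if root_locked /etc/shadow; then echo "root account: locked"; else echo "root account: NOT locked"; fi
fi
```

Run it as root to check the live system; `PermitRootLogin` should print `no` and the root account should report locked. Remember that sshd only picks up the config change after a reload.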
I still prefer the old confirmed way with VIM, but I'll have a look at those scripts you mentioned. But I usually have a saying, I don't write 'em, I don't use 'em. I do make exceptions tho.
Thanks. And yea they are pretty neat. I do like SUSE quite a bit and use it on a few boxes in here.
My music is actually on topic it's made with Linux and uses a GPL app called LMMS
What is "priv escalation" and how can one hinder it?
A "priv escalation", short for "privilege escalation", is where a person who has low level (e.g. normal user) access on a machine exploits a flaw in an application that has higher access to gain access to those resources. For example, using a buffer overflow in a program that is setuid root.
Run 'find / -perm -4000' to get a list of programs that are setuid. (Newer versions of find reject the old '-perm +4000' spelling; '-perm -4000' works on both old and new.)
And a 0-day is an exploit not known of yet by the people who support the application it's in. Therefore there is no fix yet. So basically an exploit you can't defend against really.
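Since setuid binaries are the usual target for the privilege escalation described above, the useful defensive habit is not just to list them once but to keep a baseline and get told when a new one appears (which is what the SUSE nightly scripts mentioned earlier do). As an added example, not from this thread, here is a POSIX sh version; the function names are mine.

```shell
#!/bin/sh
# Added example (not from the thread): audit setuid/setgid files against a saved baseline.

# Print setuid (4000) and setgid (2000) regular files under $1 (default /), sorted.
# -perm -4000 means "this bit must be set"; -xdev keeps find on one filesystem so
# /proc and network mounts are not walked.
list_setuid() {
    root=${1:-/}
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# Save the current list as the baseline. Do this once on a freshly installed or
# freshly checked box, and again after you knowingly install a setuid program.
save_baseline() {
    list_setuid "$1" > "$2"
}

# Print files that are setuid/setgid now but were not in the baseline.
# comm needs sorted input; both sides come from list_setuid, so they are.
new_setuid() {
    list_setuid "$1" | comm -13 "$2" -
}

# Stand-alone use:  sh setuid-audit.sh baseline    (first run)
#                   sh setuid-audit.sh check       (from cron, mail yourself the output)
BASELINE=${BASELINE:-/var/lib/setuid.baseline}
case "${1:-}" in
    baseline) save_baseline / "$BASELINE" ;;
    check)    new_setuid / "$BASELINE" ;;
esac
```

Anything `check` prints is either a package you just installed or something that should not be there; either way it is worth a look before the next 0-day lands on it.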
Well the BSD script has stopped a lot of people trying to get on the box,
what I am after is this:
web - 80
ftp 2010 (443 pasv 9200:9210)
all connects from LAN allowed
all others blocked to IP/DNS names
and any other way I can make sure that, seeing as the box will be web accessible, I make life for any little tit who wants to try and get in as hard as I possibly can. I do have a router which locks everything but that isn't 100%, nor is it so when you open up ports on it and let people in.
Of course it stops someone trying to get in, but if they're already there it won't do much good. And LAN IPs aren't going to stop anyone from the net. It's not the hardest thing in the world to masquerade as a local IP and get in.
It is when you don't have the first clue of iptables, and that's why I'm asking how the hell would I make a sh script to configure iptables. The LAN IPs are my other PC(s) and the Xbox 360 so really only I use them, I'm more interested in stopping people getting in not so much getting out.
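Here is the kind of sh script being asked for, as an added example that nobody in the thread posted. It implements the list above (web on 80, FTP control on 2010 with passive data ports 9200-9210, everything from the LAN allowed, everything else dropped) and also answers the "masquerade as a local IP" point: a packet that arrives on the internet-facing interface claiming a LAN source address is dropped before the LAN rule can accept it. The LAN range 192.168.1.0/24 and the interface name eth0 are assumptions to change; the "443" in the request is ambiguous so it is left out. The rules are written in iptables-restore format so they can be reviewed as text first and then loaded in one atomic step.

```shell
#!/bin/sh
# Added example, not from the thread: generate (and optionally apply) an iptables ruleset.
# Assumptions, change to match your network:
LAN=${LAN:-192.168.1.0/24}     # your other PCs and the Xbox
WAN_IF=${WAN_IF:-eth0}         # interface facing the router / internet

# Emit the whole ruleset in iptables-restore format. Nothing is applied here, so the
# output can be read first; "sh firewall.sh apply" loads it as root.
gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback, and replies to connections this box opened itself
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# anti-spoofing: a "LAN" source address arriving from the internet side is fake
-A INPUT -i $WAN_IF -s $LAN -j DROP
# everything from the real LAN is allowed
-A INPUT -s $LAN -j ACCEPT
# public services: web, FTP control port, FTP passive data range
-A INPUT -i $WAN_IF -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i $WAN_IF -p tcp --dport 2010 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i $WAN_IF -p tcp --dport 9200:9210 -m conntrack --ctstate NEW -j ACCEPT
# log (rate-limited, so the logs stay readable) what the DROP policy is about to discard
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
COMMIT
EOF
}

# Number of -A INPUT rules the generator emits; a quick sanity check before applying.
rule_count() {
    gen_rules | grep -c '^-A INPUT'
}

case "${1:-}" in
    apply) gen_rules | iptables-restore ;;   # needs root; replaces the filter table in one step
    *)     gen_rules ;;                       # default: just print the rules for review
esac
```

Two things to pair with it: the FTP server must be configured to announce exactly 9200-9210 as its passive range, or data connections will be blocked; and because the default policy is DROP, the router's port forwards for 80, 2010 and 9200-9210 are the only way in from outside even before iptables sees the packet, so the two layers back each other up rather than one replacing the other.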