[ale] Cracked many Linux systems

Jonathan Rickman infosec at alltel.net
Wed Mar 28 09:52:14 EST 2001


On Wed, 28 Mar 2001, Bob's ALE Mail wrote:

> One knowledgeable security expert estimated that the average life of an
> unhardened Red Hat 6.2 system on the Internet (before being cracked)
> is two weeks.

Depending on who you speak with, I may or may not be considered fairly
knowledgeable, so take this for what it's worth.

<RANT>
At the present time, anyone who places a stock RH 6.2 box on the public
Internet would be extremely lucky to make it two DAYS. I'm still getting
IDS logs from Ramen, nearly three weeks after the worm went public. It's
still out there. Haven't got hit by Lion yet, but I'm sure that will
change by the end of the day. I've heard of RH 6.0 boxes being compromised
within hours of the first boot. I've seen my own systems probed within
seconds of coming online. If you're on a cable or DSL connection, these
rules do not apply to you. You WILL be cracked in the first few days.
Don't tempt fate. If nothing else, go to freshmeat and download
pmfirewall. Linux has earned a decent reputation when it comes to security
but this is rapidly changing. Perception is everything. If every Linux
user takes the appropriate steps to secure their systems we, as a
community, might be able to step out of the way of the freight train that
is currently bearing down on us. That freight train is loaded with
corporate execs that hold the future of our beloved OS in their hands.
If we destroy the Linux reputation through blatant stupidity we will see
Linux relegated to "hobby status". Personally, the thought makes me sick.
But the fact remains, Linux didn't really take off until the gaze of the
corporate world fell on it. The pace of Linux development has tripled in
the last three years. Don't kid yourselves, it's not because the open
source community is that dedicated...it's because someone tossed enough
money into the pot to allow many in the community to turn their hobby into
a full-time job. Right now the statistics show Linux slowly losing ground
to W2K in terms of overall system security. We all know that this isn't
true. Misconfigurations (or no configuration) can weaken any system. It
just so happens that, at the moment, more folks are screwing up with
Linux. This trend has to stop...
</RANT>

If anyone out there in ALE land has a question related to security, please
do not be afraid to ask. I am willing to help any home user or non-profit
org who asks, and I'm fairly certain that if I can't answer your
questions...someone on this list can.

<MINIRANT>
It wouldn't hurt if the vendors started locking down their distros by
default either.
</MINIRANT>

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


