[ale] hackers and their methods

Michael H. Warfield mhw at wittsend.com
Tue Feb 19 20:43:41 EST 2002


On Tue, Feb 19, 2002 at 05:58:54PM -0500, Chris Fowler wrote:
> No.  You are in control of your equipment.  Certain pieces of equipment lend
> themselves to being better secured than others.  Not due to the nature of the
> services running on it.  But due to the nature of the environment on the
> equipment.

> Some embedded equipment has hackable protocols.  That is the nature of using
> any software.  But just because they are hackable does not mean the hacker
> will be successful.  Personally I do not support the use of distro + PC =
> firewall.  A product that is built for this may be better suited.  It just
> scares me to load RH 7.2 on a box and configure it as a firewall.
> If I get hacked all the tools are there for mischief.  If it is on an
> embedded piece of equipment then maybe nothing is there of use if they
> gain a shell.  Who knows?

	The serious counterargument to that can be found in the
problem that is a front burner issue today.  SNMP.  AKA...  Security
Not My Problem.  Seems that a LOT of embedded devices have SNMP
support which is vulnerable to a lot of havoc.  You may not be
able to get a shell but you can certainly kick him in the dirt
and then where are you?  With an embedded device, you may not
have much control over shutting that sucker down.  Hint: MOST
DSL and cable modems have SNMP enabled and you will play hell
to get rid of it.  Try and get it upgraded, too...  :-/  And,
yes, that nasty SNMP tool IS capable of kicking cable modems in
the dirt.

	Using a full distribution for a firewall is not a good idea.
Using a distro tuned as a firewall is not bad.  And you have control
over what's running on it.  And you can upgrade the software when
something turns up like SNMP has just now done.  The Linux distros
all have that fixed.  I'll bet you can't even turn your "appliance"
SNMP off.

> Chris
>   -----Original Message-----
>   From: Stephen Turner [mailto:artic_knight at yahoo.com]
>   Sent: Tuesday, February 19, 2002 5:43 PM
>   To: ale at ale.org
>   Subject: [ale] hackers and their methods
> 
> 
>   so i remove all these packages from my box, should i bother removing vi?
> it offers no hacks as i see it but i suppose my REAL question is, can a
> linux hacker or someone hacking linux run programs outside of your box that
> will configure, alter the box? or do you have to add programs such as a text
> editor in order to alter text? and what stops them from installing or
> "planting" them on my server?

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.
