Solved

linux vulnerabilities

Posted on 2001-06-04
7
319 Views
Last Modified: 2011-09-20
what are the ways that a hacker can gain access to a linux system? no need to give step-by-step details on how to hack but give applications that may have loopholes and/or how to make a linux box secure. for example, the bind vulnerability.

thanks.
0
Comment
Question by:wsanchez
7 Comments
 
LVL 17

Accepted Solution

by:
psimation earned 50 total points
ID: 6153702
Well ANY service that allow a user from outside to access the system legitemately is open for atack. It's like the old saign, if the lock has a key, it can be picked...
So, the real trick is to not have any unnecesary services open, and to configure those that need to be open as secure as possible. Those services that are open, should also be kept up to date via updates from the redhat site for instance ( good example is the bind exploit which quickly had a "cure" via redhat.com and others ), I think the password is to do maintenance and checks regularly and to update as soon as a known exploit becomes available.
There are also certain services that although "legitemate" are less secure than others, telnet is one of the biggest culprits, cause when loggin in to a server the password is contained within the actual network packet, and anyone sniffing the connection will see your password. That is the main reason why telnet is rarely used on machines connected to the internet anymore, and the industry standard is now SSH.
Same goes for poorly configured ftp servers. Allowing anonymous access to your ftp server can cause you alot of problems with users being able to wander around the system. Although they cannot edit or delete files, they usually can download files that might contain valuable data for a cracker.
There are also malicious crackers looking to inflict damage to your system by attacking the services on your box in the hope of bringing your box down. And again, with all of these "expliots" the best weapon in your arsenal is regular updates and a well configured system with as little as possible services running.
0
 
LVL 1

Expert Comment

by:Haho
ID: 6159149
common sense tips that I apply :)

1) run only the necessary applications /services
2) patch, patch and patch..
3) subscribe to security mailling list like CERT, SANS, etc
4) run good tools : Snort (IDS), Tripwire, Nessus
5) implement a free software based firewall if you need more security (IP Filter, IPfw, IP Chains)
6) use encryption wherever possible (SSH instead of telnet)
7) pick a hard password to crack

Cheers


0
 
LVL 1

Expert Comment

by:Haho
ID: 6159153
i forgot tcpwrappers tool....  :)
to control access by IP/domain and logging.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 5

Expert Comment

by:BlackDiamond
ID: 6168947
Yep, good info from everyone.  Here's a few things that you can do to try to make a more secure box :

- start from a barebones installation (nothing but the basic packages).
- remove all clear text authentication apps that were installed by default (ftp, telnet, etc).
- remove all apps that create any listening ports (including linuxconf).
- remove all unneccessary tools that hackers might like (like ip-utils).
- install ssh if remote access is necessary
- run any necessary network apps in their own chroot environments.

- rename the "id" command, and create a script that updates your ipchains rules to block the ip address of anyone that runs it (cute trick I learned from one of the security gurus, works quite well...  What's the first thing a hacker wants to know when they get into your box, hehe :->)

+ everything that psimation and haho suggested...
0
 

Expert Comment

by:CleanupPing
ID: 9078792
wsanchez:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9975913
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: psimation {http:#6153702}

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

majorwoo
EE Cleanup Volunteer
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now