Solved

linux vulnerabilities

Posted on 2001-06-04
7
335 Views
Last Modified: 2011-09-20
what are the ways that a hacker can gain access to a linux system? no need to give step-by-step details on how to hack but give applications that may have loopholes and/or how to make a linux box secure. for example, the bind vulnerability.

thanks.
0
Comment
Question by:wsanchez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 17

Accepted Solution

by:
psimation earned 50 total points
ID: 6153702
Well ANY service that allow a user from outside to access the system legitemately is open for atack. It's like the old saign, if the lock has a key, it can be picked...
So, the real trick is to not have any unnecesary services open, and to configure those that need to be open as secure as possible. Those services that are open, should also be kept up to date via updates from the redhat site for instance ( good example is the bind exploit which quickly had a "cure" via redhat.com and others ), I think the password is to do maintenance and checks regularly and to update as soon as a known exploit becomes available.
There are also certain services that although "legitemate" are less secure than others, telnet is one of the biggest culprits, cause when loggin in to a server the password is contained within the actual network packet, and anyone sniffing the connection will see your password. That is the main reason why telnet is rarely used on machines connected to the internet anymore, and the industry standard is now SSH.
Same goes for poorly configured ftp servers. Allowing anonymous access to your ftp server can cause you alot of problems with users being able to wander around the system. Although they cannot edit or delete files, they usually can download files that might contain valuable data for a cracker.
There are also malicious crackers looking to inflict damage to your system by attacking the services on your box in the hope of bringing your box down. And again, with all of these "expliots" the best weapon in your arsenal is regular updates and a well configured system with as little as possible services running.
0
 
LVL 1

Expert Comment

by:Haho
ID: 6159149
common sense tips that I apply :)

1) run only the necessary applications /services
2) patch, patch and patch..
3) subscribe to security mailling list like CERT, SANS, etc
4) run good tools : Snort (IDS), Tripwire, Nessus
5) implement a free software based firewall if you need more security (IP Filter, IPfw, IP Chains)
6) use encryption wherever possible (SSH instead of telnet)
7) pick a hard password to crack

Cheers


0
 
LVL 1

Expert Comment

by:Haho
ID: 6159153
i forgot tcpwrappers tool....  :)
to control access by IP/domain and logging.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 5

Expert Comment

by:BlackDiamond
ID: 6168947
Yep, good info from everyone.  Here's a few things that you can do to try to make a more secure box :

- start from a barebones installation (nothing but the basic packages).
- remove all clear text authentication apps that were installed by default (ftp, telnet, etc).
- remove all apps that create any listening ports (including linuxconf).
- remove all unneccessary tools that hackers might like (like ip-utils).
- install ssh if remote access is necessary
- run any necessary network apps in their own chroot environments.

- rename the "id" command, and create a script that updates your ipchains rules to block the ip address of anyone that runs it (cute trick I learned from one of the security gurus, works quite well...  What's the first thing a hacker wants to know when they get into your box, hehe :->)

+ everything that psimation and haho suggested...
0
 

Expert Comment

by:CleanupPing
ID: 9078792
wsanchez:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9975913
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: psimation {http:#6153702}

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

majorwoo
EE Cleanup Volunteer
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question