linux vulnerabilities

Posted on 2001-06-04
Last Modified: 2011-09-20
What are the ways that a hacker can gain access to a Linux system? No need to give step-by-step details on how to hack, but give applications that may have loopholes and/or how to make a Linux box secure. For example, the BIND vulnerability.

Question by:wsanchez
LVL 17

Accepted Solution

psimation earned 50 total points
ID: 6153702
Well, ANY service that allows a user from outside to access the system legitimately is open to attack. It's like the old saying: if the lock has a key, it can be picked...
So, the real trick is to not have any unnecessary services open, and to configure those that need to be open as securely as possible. Those services that are open should also be kept up to date via updates from the redhat site, for instance (a good example is the bind exploit, which quickly had a "cure" via and others). I think the password is to do maintenance and checks regularly and to update as soon as a known exploit becomes available.
There are also certain services that, although "legitimate", are less secure than others. Telnet is one of the biggest culprits, because when logging in to a server the password is contained within the actual network packet, and anyone sniffing the connection will see your password. That is the main reason why telnet is rarely used on machines connected to the internet anymore, and the industry standard is now SSH.
The same goes for poorly configured ftp servers. Allowing anonymous access to your ftp server can cause you a lot of problems, with users being able to wander around the system. Although they cannot edit or delete files, they usually can download files that might contain valuable data for a cracker.
There are also malicious crackers looking to inflict damage on your system by attacking the services on your box in the hope of bringing your box down. And again, with all of these "exploits" the best weapon in your arsenal is regular updates and a well configured system with as few services running as possible.

Expert Comment

ID: 6159149
Common sense tips that I apply :)

1) run only the necessary applications/services
2) patch, patch and patch..
3) subscribe to security mailing lists like CERT, SANS, etc
4) run good tools : Snort (IDS), Tripwire, Nessus
5) implement a free software based firewall if you need more security (IP Filter, IPfw, IP Chains)
6) use encryption wherever possible (SSH instead of telnet)
7) pick a hard password to crack



Expert Comment

ID: 6159153
I forgot the tcpwrappers tool....  :)
to control access by IP/domain and logging.


Expert Comment

ID: 6168947
Yep, good info from everyone.  Here's a few things that you can do to try to make a more secure box :

- start from a barebones installation (nothing but the basic packages).
- remove all clear text authentication apps that were installed by default (ftp, telnet, etc).
- remove all apps that create any listening ports (including linuxconf).
- remove all unnecessary tools that hackers might like (like ip-utils).
- install ssh if remote access is necessary
- run any necessary network apps in their own chroot environments.

- rename the "id" command, and create a script that updates your ipchains rules to block the ip address of anyone that runs it (cute trick I learned from one of the security gurus, works quite well...  What's the first thing a hacker wants to know when they get into your box, hehe :->)

+ everything that psimation and haho suggested...
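
The advice in this thread to run only necessary services and to remove cleartext ones such as ftp and telnet can be checked mechanically. The following is an added example, not code from any of the posters: it parses the `/proc/net/tcp` table format and flags listeners that are cleartext services or fall outside an allowlist. The sample table, the allowlist `{22}` and the function names are assumptions made for illustration.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (trailing columns trimmed); not from a real host.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0
   2: 00000000:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0
   3: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0
   4: 00000000:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000    25
   5: 0A00000A:0016 1400000A:C350 01 00000000:00000000 00:00000000 00000000     0
"""

TCP_LISTEN = "0A"                      # kernel state code for LISTEN
CLEARTEXT = {21: "ftp", 23: "telnet"}  # cleartext services named in the thread


def parse_listeners(text):
    """Return (ip, port) for every socket in LISTEN state."""
    listeners = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue                            # established or other states
        hex_ip, hex_port = fields[1].split(":")
        # Assumption: little-endian host (x86), so the IPv4 hex is byte-reversed.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        listeners.append((ip, int(hex_port, 16)))
    return listeners


def audit(listeners, allowed_ports):
    """Flag cleartext services and listeners outside the allowlist."""
    findings = []
    for ip, port in listeners:
        if ip.startswith("127."):
            continue                            # loopback only: not reachable remotely
        if port in CLEARTEXT:
            findings.append((port, "cleartext " + CLEARTEXT[port]))
        elif port not in allowed_ports:
            findings.append((port, "not in allowlist"))
    return sorted(findings)


if __name__ == "__main__":
    for port, reason in audit(parse_listeners(SAMPLE), allowed_ports={22}):
        print(f"tcp/{port}: {reason}")
```

On a real host, pass the contents of `/proc/net/tcp` instead of `SAMPLE`; IPv6 listeners live in `/proc/net/tcp6`, which uses a wider address field that this example does not parse.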

