

linux vulnerabilities

Posted on 2001-06-04
Medium Priority
Last Modified: 2011-09-20
What are the ways that a hacker can gain access to a Linux system? No need to give step-by-step details on how to hack, but give applications that may have loopholes and/or how to make a Linux box secure. For example, the BIND vulnerability.

Question by:wsanchez

Accepted Solution

psimation earned 200 total points
ID: 6153702
Well, ANY service that allows a user from outside to access the system legitimately is open for attack. It's like the old saying, if the lock has a key, it can be picked...
So, the real trick is to not have any unnecessary services open, and to configure those that need to be open as securely as possible. Those services that are open should also be kept up to date via updates from the redhat site for instance (a good example is the bind exploit, which quickly had a "cure" via redhat.com and others). I think the password is to do maintenance and checks regularly and to update as soon as a known exploit becomes available.
There are also certain services that, although "legitimate", are less secure than others. Telnet is one of the biggest culprits, because when logging in to a server the password is contained within the actual network packet, and anyone sniffing the connection will see your password. That is the main reason why telnet is rarely used on machines connected to the internet anymore, and the industry standard is now SSH.
Same goes for poorly configured ftp servers. Allowing anonymous access to your ftp server can cause you a lot of problems with users being able to wander around the system. Although they cannot edit or delete files, they usually can download files that might contain valuable data for a cracker.
There are also malicious crackers looking to inflict damage to your system by attacking the services on your box in the hope of bringing your box down. And again, with all of these "exploits" the best weapon in your arsenal is regular updates and a well configured system with as few services running as possible.
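A way to check a box against the advice in the answer above (few listening services, no telnet or ftp), as an added example that is not part of the original answer. It classifies the listeners reported by `ss -tln`; the allowlist value, the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify listening TCP sockets.
CLEARTEXT_PORTS="21 23"   # ftp and telnet, the cleartext services named above

# audit_listeners ALLOWED_PORTS   (reads `ss -tln` output on stdin)
# Prints one line per listener: VERDICT SCOPE ADDRESS PORT
audit_listeners() {
    awk -v allowed="$1" -v cleartext="$CLEARTEXT_PORTS" '
    BEGIN {
        n = split(allowed, a, " ");   for (i = 1; i <= n; i++) ok[a[i]] = 1
        n = split(cleartext, c, " "); for (i = 1; i <= n; i++) clr[c[i]] = 1
    }
    $1 == "LISTEN" {
        addr = $4; port = $4
        sub(/.*:/, "", port)        # keep what follows the last colon
        sub(/:[^:]*$/, "", addr)    # drop the trailing :port
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "local" : "exposed"
        if (port in clr)      verdict = "CLEARTEXT"
        else if (port in ok)  verdict = "ok"
        else                  verdict = "UNEXPECTED"
        print verdict, scope, addr, port
    }'
}

# Constructed sample of `ss -tln` lines so the script runs offline.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 32 0.0.0.0:21 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
EOF
}

# Only SSH (port 22) is expected on this hypothetical host.
# On a live system: ss -tln | audit_listeners "22"
sample_ss_output | audit_listeners "22"
```

Anything reported as CLEARTEXT or UNEXPECTED with scope `exposed` is a service to remove or justify; `local` listeners are reachable only from the box itself.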

Expert Comment

ID: 6159149
Common sense tips that I apply :)

1) run only the necessary applications/services
2) patch, patch and patch..
3) subscribe to security mailing lists like CERT, SANS, etc
4) run good tools: Snort (IDS), Tripwire, Nessus
5) implement a free software based firewall if you need more security (IP Filter, IPfw, IP Chains)
6) use encryption wherever possible (SSH instead of telnet)
7) pick a hard password to crack



Expert Comment

ID: 6159153
I forgot the tcpwrappers tool....  :)
to control access by IP/domain and logging.

Expert Comment

ID: 6168947
Yep, good info from everyone.  Here are a few things that you can do to try to make a more secure box:

- start from a barebones installation (nothing but the basic packages).
- remove all clear text authentication apps that were installed by default (ftp, telnet, etc).
- remove all apps that create any listening ports (including linuxconf).
- remove all unnecessary tools that hackers might like (like ip-utils).
- install ssh if remote access is necessary
- run any necessary network apps in their own chroot environments.

- rename the "id" command, and create a script that updates your ipchains rules to block the IP address of anyone that runs it (cute trick I learned from one of the security gurus, works quite well...  What's the first thing a hacker wants to know when they get into your box, hehe :->)

+ everything that psimation and haho suggested...
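The decoy `id` idea from the comment above, sketched as an added example that is not the commenter's script. It assumes the session arrived over SSH (so `SSH_CLIENT` holds the source address), validates that address before it goes anywhere near a firewall command, and never blocks an allowlisted admin address; `ADMIN_IPS` and the function names are hypothetical, and the rule is printed rather than executed.

```shell
#!/bin/sh
# Added example (not from the thread): decoy installed in place of `id`.
ADMIN_IPS="192.0.2.10"   # hypothetical admin addresses that must never be blocked

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# decoy_action SSH_CLIENT_VALUE ADMIN_LIST
# SSH_CLIENT has the form "source_ip source_port server_port".
# Prints the ipchains rule to insert, or a log-only decision.
decoy_action() {
    ip=${1%% *}
    if ! valid_ipv4 "$ip"; then
        echo "log-only: no usable source address"
        return 0
    fi
    for admin in $2; do
        if [ "$ip" = "$admin" ]; then
            echo "log-only: $ip is allowlisted"
            return 0
        fi
    done
    # ipchains syntax as used in the thread's era; iptables/nftables replace it today.
    echo "ipchains -I input -s $ip -j DENY"
}

# Dry run: print the decision for the current session instead of applying it.
decoy_action "${SSH_CLIENT:-}" "$ADMIN_IPS"
```

The decoy runs with the caller's privileges, so inserting the rule needs a separate privileged helper that consumes this output; logging each trigger is worth doing even when no rule is added.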

Expert Comment

ID: 9078792
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Expert Comment

ID: 9975913
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Accept: psimation {http:#6153702}

Please leave any comments here within the next seven days.

EE Cleanup Volunteer
