How to discover if your linux box is hacked!

Aug. 16th, 2007 07:21 pm
thewayne: (Default)
[personal profile] thewayne
Interesting little piece. Guy has a linux box that is behaving badly. His friend, apparently more *nix knowledgeable than he, has an admin account on said box and starts poking around. Quickly he uncovers that the box has been compromised.

Here's the story: http://blog.gnist.org/article.php?story=HollidayCracking
Here's Schneier's take on it: http://www.schneier.com/blog/archives/2007/08/how_a_linux_ser.html

I'm sure there'll probably be a Slashdot story up soon. (not there right now, they're sometimes slow about posting stuff, or they have a big backlog or something)
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2007-08-17 02:59 am (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
Quite the interesting way of doing things. I kind of wonder myself how the compromise happened in the first place - as far as I know, even with defaults enabled, most Linux systems are not easily broken in to.

Date: 2007-08-17 03:15 am (UTC)
From: [identity profile] thewayne.livejournal.com
It depends on the linux distro. It's only been the last year or two that they've been pre-hardening the installs. Some gross holes were filled, but they had plenty of known vulnerabilities on initial installs.

Date: 2007-08-17 03:29 am (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
Ah, okay. I'm new enough to the distributions that security is something that they want to impress on people, even in the defaults. Stories like this make me wonder whether I'm doing enough to keep my own box secure, and how much is going on under the hood that I don't know about?

I'd have these same worries about Microsoft's OS, but I probably have less chance of knowing what's going on under the hood so that if something does go wrong, I can pinpoint it.

Date: 2007-08-17 03:39 am (UTC)
From: [identity profile] thewayne.livejournal.com
A lot is using reasonable defenses, doing a good job of keeping up with patches, and don't do high-risk things on line. And when computing, always wear a condom!

Date: 2007-08-17 03:46 am (UTC)
silveradept: A kodama with a trombone. The trombone is playing music, even though it is held in a rest position (Default)
From: [personal profile] silveradept
Hehe. Prophylactics for your computer. I suspect someone can or already has made a mint off of selling a suite of security-type products called the Computer Condom. (Assuming, of course, they could get the name past the correct authorities.)

While I'm a semi-experienced user in the sense that I have a vague idea of what "reasonable defences" might entail, like anti-virus software, a firewall (stack 'em if you can), keeping passwords secure, patching software, and the like, I wonder if there's something that I'm not doing that could help, and that I just don't know about. I suspect, though, I'd probably need to be a sysadmin if I really wanted to have a thorough knowledge of what goes on and how best to guard against intrusion while maintaining a reasonable experience using the computer. It may be a low-grade paranoia, in fact, born from using Microsoft OS.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

thewayne: (Default)
The Wayne
Spare Brains Games

January 2026

S M T W T F S
    1 23
45678910
11121314151617
18192021222324
25262728293031

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jan. 3rd, 2026 07:29 am
Powered by Dreamwidth Studios