[wellylug] Why security for home PCs could be more important than you realise
Ilia Pavlenko
ip at globe.net.nz
Fri Nov 1 21:17:44 NZDT 2002
Well - That's a nice topic for a meeting :)

First of all - FORGET TELNET, ONLY SSH !!! (I've been screwed for using
telnet - someone "sniffed" and rootkitted a SuSE-based server that I've
built...)

Second - if you don't need it - disable it :) That's why I always go for
"custom" installs, and leave what I don't need.

Third - read "alternative" news, even things like "slashdot.org" will
usually announce new vulnerabilities before major news companies.

Homo homini lupus est :)

Ilia

On 1 Nov 2002, Damon Lynch wrote:
> Hi,
>
> I must confess I used to have the attitude of "no one would want to
> crack into my home PC"--until I read the explanation below! A Mandrake
> user with a machine at home who had not bothered to apply security
> patches got cracked. Mandrake asked him why he did not bother. His
> explanation and the further response of Mandrake are below. Interesting
> reading, especially for users on cable or dsl!!
>
> Damon
>
> -----Forwarded Message-----
>
> From: Vincent Danen <vdanen at mandrakesoft.com>
> To: expert at linux-mandrake.com
> Subject: Re: [expert] Ive been hacked!
> Date: 31 Oct 2002 14:04:33 -0700
>
>
> On Thursday, October 31, 2002, at 01:26 PM, Bill Beauchemin wrote:
>
> > I was running a much older version of apache and openssl that I thought
> > were ok but nooooooooo I guess this hack works with even the old stuff.
> > I also didn't think somebody would be interested in my little private
> > home email and web server. Oh well I learned my lesson. Now I gots to go
> > and get the apache, openssl, and the modssl patches.
>
> A few tips. First, the updates are there to fix problems in older
> versions. Chances are, if there is an update for it, it's because you
> *need* it. We don't make updates just for kicks, and we don't provide
> updates for software that isn't vulnerable. IIRC, if you were running
> apache 1.0, you would need the update.
>
> Secondly, your private home email/web server is a preferred target.
> Why? Because of exactly your thinking. "No one will be interested in
> it". It is much easier to hack into someone's machine with a
> laxidazy(sp?) attitude towards security. It also helps to hide the
> trail. If someone can hack into your machine, and then use it as a
> springboard to the machine they *really* want, the better for them. To
> the end victim, it looks like the attack is coming from you, which it
> is. That means they will attempt to deal with *you*, rather than the
> real perpetrator. To that end, yes, it's more appealing to someone
> wanting to break into amazon.com, to break into your machine first. Or
> four machines, similar to yours, springboarding from one machine to the
> next, hiding their trail, until the end of the line machine (after
> having accomplished four hops or so) is used to attack the real target.
>
> The short and long of it is: Never *ever* assume you will not be a
> target. They may not be interested in your data, but they may be
> interested in your connection, CPU, etc. And update update *update*!
> Updates are done for your benefit, not ours.
>
> I know it sucks to have this happen to you, but hopefully this will
> serve as a lesson both to yourself and many other people who have had
> the same attitude as you. =)
>
> --
> MandrakeSoft Security; http://www.mandrakesecure.net/
> "lynx - source http://linsec.ca/vdanen.asc | gpg --import"
> {FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
>
> .-. Wellington
> /V\ Linux
> // \\ Users
> /( )\ Group
> ^^-^^
> http://wlug.paradise.net.nz/
>
> To unsubscribe from this group, send an email to:
> wellylug-unsubscribe at egroups.com
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/