[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [[cobalt-users] Server Hacked?]
- Subject: Re: [[cobalt-users] Server Hacked?]
- From: Liz <daldog@xxxxxxxx>
- Date: Mon Feb 14 21:19:59 2000
While speaking in general terms here...if no one has shell
access except the admin (and/or root) how can one hack a
system if they can't telnet into it, or access it through
the shell being only the admin & root are the only ones
having shell access?
I sorta understand that a system can get hacked with FTP
access, but what I don't understand is...all sys files
typically have root ownership so how can someone's cgi
script do nasty stuff to, or read, root owned files??
Anytime I tired to read a root owned file while logged in
neither admin or root (using a User login with shell access)
I got permission denied.
Yep, I definately need a better book on network security and
am taking lots of notes on all that have been suggested thus
far!
Liz
------Original Message------
From: Kris Dahl <kris@xxxxxxxxxxxxx>
To: cobalt-users@xxxxxxxxxxxxxxx
Sent: February 14, 2000 10:05:07 PM GMT
Subject: Re: [[cobalt-users] Server Hacked?]
<snip>
If that machine is on the Internet--it can be cracked.
Regardless of
weather it has telnet access or not. But by limiting the
telnet access you
certainly plug a lot of wholes. Its the nature of the
beast--Linux has
excellent remote control abilities--but that also means it
can be remote
controlled for harm as well as good.
-k
______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com?sr=mc.mk.mcm.tag001