[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [[cobalt-users] Server Hacked?]
- Subject: Re: [[cobalt-users] Server Hacked?]
- From: "Richard E. Perlotto II" <richard@xxxxxxxxxxxx>
- Date: Tue Feb 15 07:31:00 2000
There is a book called "Hacking Exposed" ISBN# 0-07-212127-0
It should illustrate enough to frighten you.
Richard
Liz wrote:
>
> While speaking in general terms here...if no one has shell
> access except the admin (and/or root) how can one hack a
> system if they can't telnet into it, or access it through
> the shell being only the admin & root are the only ones
> having shell access?
>
> I sorta understand that a system can get hacked with FTP
> access, but what I don't understand is...all sys files
> typically have root ownership so how can someone's cgi
> script do nasty stuff to, or read, root owned files??
> Anytime I tired to read a root owned file while logged in
> neither admin or root (using a User login with shell access)
> I got permission denied.
>
> Yep, I definately need a better book on network security and
> am taking lots of notes on all that have been suggested thus
> far!
>
> Liz
>
> ------Original Message------
> From: Kris Dahl <kris@xxxxxxxxxxxxx>
> To: cobalt-users@xxxxxxxxxxxxxxx
> Sent: February 14, 2000 10:05:07 PM GMT
> Subject: Re: [[cobalt-users] Server Hacked?]
>
> <snip>
>
> If that machine is on the Internet--it can be cracked.
> Regardless of
> weather it has telnet access or not. But by limiting the
> telnet access you
> certainly plug a lot of wholes. Its the nature of the
> beast--Linux has
> excellent remote control abilities--but that also means it
> can be remote
> controlled for harm as well as good.
>
> -k
>
> ______________________________________________
> FREE Personalized Email at Mail.com
> Sign up at http://www.mail.com?sr=mc.mk.mcm.tag001
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-users