[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] root login on RaQ3
- Subject: Re: [cobalt-users] root login on RaQ3
- From: Joe D <Joed@xxxxxxxx>
- Date: Sat Mar 11 11:13:35 2000
- Organization: Joes Home on WWW Inc
If you really want to see the security risks out there and maybe figure out
some ways to prevent the attacks take a look at:
http://www.insecure.org/
I am about ready to hire the guy to look at my network the FUD factor worked
on me after reading the stuff at the site.
Joe
Jeff Lasman wrote:
> At 01:46 PM 3/11/00 -0500, you wrote:
>
> >I never said it wasn't a security risk... I should have said that it is a
> >MAJOR security risk to allow direct root logins.
> >
> >...<stuff snipped out of middle>...
> ><crawling back into my hole now>
>
> Actually I think your response to me quite reasonable.
>
> Here's the skinny:
>
> Since everyone knows every user box has a "root" account, if "root"
> accounts were available through telnet, anyone could do a dictionary attack
> on every server running telnet. As is, without root access, in order to do
> a dictionary attack, the attacker needs to know at least one login
> name. Since everyone does for Cobalt boxes <admin>, you don't gain any
> security if you've got Cobalt boxes, and let everyone know it.
>
> One way to get some additional security would be to have a program running
> suid that would let you go into su, reading the password from a -r--------
> file. Of course this only works if the name of the program is so obscure,
> and the file is hidden as well, that no one could ever guess it's name.
>
> All bets are off if someone's sniffiing you, though; then they see
> everything you type <frown>.
>
> Jeff
>
> --
> Jeff Lasman <jblists@xxxxxxxxxxxxx>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users