[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] procmail and other GPL source...
- Subject: Re: [cobalt-users] procmail and other GPL source...
- From: Elmer Fuddpucker <elmer@xxxxxxxxxxxxxx>
- Date: Wed Jul 25 18:12:08 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Wed, 25 Jul 2001, SteelHead wrote:
} hours to get it to crack. The guru at Cobalt even *said he had a sequence
} to open a broken box that would not respond* while we were trying to get her
} open.
This isn't necessarly indicative of a backdoor though. For
those that know the OS and who have the root password, getting in
to a server that the average user is locked out of really isn't that
big of a deal. It's almost trivial under these specific conditions.
While I did have the applicable passwords, and I sincerely doubt I
could have pulled it off without the passwords, I once got into a
Linux server via the popular formmail.pl script. Worse yet, perhaps,
I once had a server running here on which I mounted home, user, etc.
on the root partition so I wouldn't have to worry about wasting
space or running out of space because I didn't set the size of the
partitions properly. Another system admin, who had an account on the
server, told me that my denying shell access was a waste of time
because home was mounted on root. I told him he was nuts and he
asked for permission to prove it and then he set himself up with
both SSH and telnet in no time at all.
Having done a bit of consulting for other small hosting
companies I myself have impressed a few system admins by using very
common tricks that I knew but they didn't. Worse yet, perhaps, I
left the details of how I did what I did up to their imagination
and that's what I suspect is occuring here, at least as far as a
backdoor into our Cobalt servers is concerned.
Brent
Elmer Fuddpucker's WWW Directory
http://www.fuddpucker.com/