l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2005 Feb 16 06:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] lugod.org cracked?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] lugod.org cracked?

Quoting ME (dugan@passwall.com):

[much really good advice, snipped]

> Weitse Venema and Dan Farmer gave a nice presentation on this and how
> each choice excludes the other two.

To a degree, yes.  One might find it practical and quick to duplicate
all hard drive contents to other media, preserving chain of evidence and
maybe even leaving processes running on the compromised host.  Which is
of course a double-edged sword.  But you can then do the rebuild on
other hardware entirely -- if you have other hardware to work with, and
have reason to go that route.

> I came across this one and another article you had that provided links to
> a variety of integrity checking apps. Pretty good information there. I
> think we found one on your site too, and found that to be useful too.

(Thanks.)   You're probably referring to my old "Attacking Linux"
article, http://security.itworld.com/4352/LWD000829hacking/pfindex.html .

All of those pieces, plus my brief "system break-ins even without remote
vulnerabilities" piece, talking about how an unnamed company's network
was compromised because of stolen SSH credentials[1], can always be
found linked from my personal page, http://linuxmafia.com/~rick/ .

[1] That was when V[**COUGH] Systems was compromised because some idiot
sysadmin in the IT Dept.  SSHed out into a public Source[***COUGH***]
shell server then _and ssh/scp'ed back in_.  The latter blunder was
fatal to company security, because he exposed vital security tokens on
an exposed public machine that happened to have been rooted a short
while before, because a user's tokens for access to _that_ machine
happened to have been compromised on a university box.

(No, said idiot sysadmin wasn't me, in case you're wondering.  ;->  )

vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!