Greetings,

On Tuesday, 2 August 2005 10:57, Ben Bucksch wrote:
> Stefano Salvi wrote:
> > I prefer to have no X on the server and administer it from command
> > line or Web interfaces (command line is better).
>
> Let's say
>
> 1. You use Mozilla from sarge
> 2. Somebody cracks you through known holes in that old Mozilla,
>    either a mass exploit or an enemy of you specifically targeting
>    you. Which is probably the easiest way to attack you, through all
>    firewalls. So much for browser/email security.
> 3. He controls your desktop
> 4. He downloads all your local mail and photos/images, including your
>    confidential company mail, private mail and nude photos of your
>    girlfriend. He posts it on the Internet, your company's billboard,
>    and your supermarket's billboard.

Eh - no. Linux allows you to start two different X servers on two different screens (or on the same) with two different user IDs on two virtually or physically separated systems. As you can see, only fools make this mistake.

> 5. He also installs a keyboard sniffer and downloads your private SSH
>    keys.

Rubbish - if separated correctly.

> 6. He logs into all servers and other computers that you have access
>    to. Including those desktops of your friends, which you remote
>    administrate or use the password that they use for your server.
>    And the attacker goes on from there. So much for desktop/server
>    security.

You are describing the general results of trojan attacks - but to be honest - if it's getting personal, there are other ways to compromise machines. I've done some tests: Who on my instant messaging list will execute a signed Java applet without asking me for further information. No one asked me what this applet was doing. Everyone got his c:\test.txt saying "This was foolish" (Or /home/usr/C:\test.txt). Verify yourself. But in order to make this a server issue, you have to be foolish.

Keep smiling
yanosz

