On Wed, 4 Jun 2014 17:40:39 +0200 "Roberto E. Vargas Caballero" <[email protected]> wrote:
> WOW!, so, for you, it isn't important if you have a non-legitimate
> user, that can use your machine as base for attacking other
> machines.
> And, of course, it isn't important if you have an attacker
> in your system with all the time of the world to search for
> vulnerabilities in your system.

Before he gets in, he still has to run a brute-force/dictionary-att. on
all users. He wouldn't have much time if the admins have done their jobs.

> The first step of any attack is
> always to get some non-privileged account and later try to get root
> privileges from it.

Yep.

> And when you have a big number of users, it means that the attacker
> is going to have more than one password of users, so when you detect
> the intrusion the only thing you can do is change the password of
> all the users...

No? How would that happen? If an attacker ran an attack and detected a
password of one user, this wouldn't magically reveal the other passwords
to him. If an intrusion for one user has been detected (with the low
probability that the cracker hasn't already been detected before), you
just make sure this user is deactivated and can't do any more harm, more
to himself than to the system.
Moreover, with less and less suid-programs in the base, root-exploits
become more and more unlikely and attacks nowadays are more directed at
system-services from the outside.

> There is a very good book that shows the problem of users with
> weak passwords, "The Cuckoo's Egg". It is a novel based on the experience
> of Clifford Stoll hunting a hacker at the end of the 80's, but a lot
> of things can be applied today (there is also a technical paper, but
> the novel is really good and less boring ;)).

Cool, I'll check it out! Thanks for the recommendation!

Cheers

FRIGN

--
FRIGN <[email protected]>
