On Thu, 17 Feb 2000, Ivan Trail wrote:
> Any way, on to my question. I recall reading that you can change the
> names of commands in the shell. For instance you could make ls -l into
> lsl to simplify things. Well since to hack into a system, you would
> need to use some basic commands, like ls and cd etc., would you be able
> to change these commands to a different command (give the command a
> different name) like cd would become nohack or some other random name.
> Thus a hacker would not be able to get around in your system because it
> doesn't know the commands to do so. Now the big question, if you change
> the commands on your machine, will your machine still recognise the
> standard commands issued by the other machine to yours?
>
This is classical "security by obscurity". It may work only against
VERY unexperienced hackers. If you change names of binaries in /bin (for
example change cat to nohack) it will break many things on your system and
probably you will have problems booting up (as almost all startup scripts
use some basic commands esp. cat, rm). And if you use aliases then a
hacker can do simple alias command to see your changes or invoke programs
directly ( /bin/ls ). You should concentrate on not letting hacker on your
system in the first place because when one is inside you really can't do
much.
Regards Suppiluliuma
--
I live to the day I die
I live to the day I cry
I'm dead the day I lie
