Well...I found something. I made an offhand comment at Gatti's that may bear repeating. I had an impression that lots of us talked about all these apps that were insecure and that we'd never touch, but none of us stepped up to demonstrate it for the crack meeting. It was a joke, but it was painfully true for yours truly. Well, I think I hit the motherload. I did a little google searching on rootkits. Lots of security warnings ABOUT rootkits, but it took me a half hour to find a link to download one. I used its title for another search, and it led me to http://packetstorm.securify.com. There's a sub under there, UNIX/penetration/rootkits, that made me pee in my pants. I will be setting up a honeypot here soon with cd-only installs of Red Hat 6.2 and 7.x for my own studies. Granted, many of what we call "exploits" are the result of default or unwise configurations. It takes one line, for example, to configure ProFTPd to jail users in their $HOME. wu-ftpd takes two lines and a little simple /etc/group editing. There are more keystrokes involved opening vi. I think this page deserves a little peek from anyone running anything as simple as a telnet or anon-ftp service on their internet-connected box. Who's ready for a crack meeting?
-- -j [EMAIL PROTECTED] ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Previous message:</strong> Dustin Puryear: "[brluglist] oops!" <li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
