packetstorm.securify.com is definitely worth your exploration if you want to find active exploits and the rootkits they install following the 'sploit. On Mon, Jul 09, 2001 at 11:55:54AM -0500, Dustin Puryear wrote: <em>> Probably the best place to find links to root-kits and exploits is <em>> securityfocus.com. There are other places, but this is the best. <em>> <em>> Regards, Dustin <em>> <em>> john beamon wrote: <em>> <em>> > Well...I found something. I made an offhand comment at Gatti's that may <em>> > bear repeating. I had an impression that lots of us talked about all <em>> > these apps that were insecure and that we'd never touch, but none of us <em>> > stepped up to demonstrate it for the crack meeting. It was a joke, but it <em>> > was painfully true for yours truly. Well, I think I hit the motherload. <em>> > <em>> > I did a little google searching on rootkits. Lots of security warnings <em>> > ABOUT rootkits, but it took me a half hour to find a link to download one. <em>> > I used its title for another search, and it led me to <em>> > http://packetstorm.securify.com. There's a sub under there, <em>> > UNIX/penetration/rootkits, that made me pee in my pants. I will be <em>> > setting up a honeypot here soon with cd-only installs of Red Hat 6.2 and <em>> > 7.x for my own studies. <em>> > <em>> > Granted, many of what we call "exploits" are the result of default or <em>> > unwise configurations. It takes one line, for example, to configure <em>> > ProFTPd to jail users in their $HOME. wu-ftpd takes two lines and a <em>> > little simple /etc/group editing. There are more keystrokes involved <em>> > opening vi. I think this page deserves a little peek from anyone running <em>> > anything as simple as a telnet or anon-ftp service on their <em>> > internet-connected box. <em>> > <em>> > Who's ready for a crack meeting? <em>> > <em>> > <em>> <em>> <em>> -- <em>> Dustin Puryear <[EMAIL PROTECTED]> <em>> http://members.telocity.com/~dpuryear <em>> In the beginning the Universe was created. <em>> This has been widely regarded as a bad move. - Douglas Adams <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================
-- Scott Harney<[EMAIL PROTECTED]> ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Previous message:</strong> Shannon Roddy: "Re: [brluglist] root kits" <li><strong>In reply to:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
