What? You are still alive? Regards, Dustin Scott Harney wrote: <em>> packetstorm.securify.com is definitely worth your exploration if you want <em>> to find active exploits and the rootkits they install following the 'sploit. <em>> <em>> On Mon, Jul 09, 2001 at 11:55:54AM -0500, Dustin Puryear wrote: <em>> <em>>>Probably the best place to find links to root-kits and exploits is <em>>>securityfocus.com. There are other places, but this is the best. <em>>> <em>>>Regards, Dustin <em>>> <em>>>john beamon wrote: <em>>> <em>>> <em>>>>Well...I found something. I made an offhand comment at Gatti's that may <em>>>>bear repeating. I had an impression that lots of us talked about all <em>>>>these apps that were insecure and that we'd never touch, but none of us <em>>>>stepped up to demonstrate it for the crack meeting. It was a joke, but it <em>>>>was painfully true for yours truly. Well, I think I hit the motherload. <em>>>> <em>>>>I did a little google searching on rootkits. Lots of security warnings <em>>>>ABOUT rootkits, but it took me a half hour to find a link to download one. <em>>>>I used its title for another search, and it led me to <em>>>>http://packetstorm.securify.com. There's a sub under there, <em>>>>UNIX/penetration/rootkits, that made me pee in my pants. I will be <em>>>>setting up a honeypot here soon with cd-only installs of Red Hat 6.2 and <em>>>>7.x for my own studies. <em>>>> <em>>>>Granted, many of what we call "exploits" are the result of default or <em>>>>unwise configurations. It takes one line, for example, to configure <em>>>>ProFTPd to jail users in their $HOME. wu-ftpd takes two lines and a <em>>>>little simple /etc/group editing. There are more keystrokes involved <em>>>>opening vi. I think this page deserves a little peek from anyone running <em>>>>anything as simple as a telnet or anon-ftp service on their <em>>>>internet-connected box. <em>>>> <em>>>>Who's ready for a crack meeting? <em>>>> <em>>>> <em>>>> <em>>> <em>>>-- <em>>>Dustin Puryear <[EMAIL PROTECTED]> <em>>>http://members.telocity.com/~dpuryear <em>>>In the beginning the Universe was created. <em>>>This has been widely regarded as a bad move. - Douglas Adams <em>>> <em>>>================================================ <em>>>BRLUG - The Baton Rouge Linux User Group <em>>>Visit http://www.brlug.net for more information. <em>>>Send email to [EMAIL PROTECTED] to change <em>>>your subscription information. <em>>>================================================ <em>>> <em>> <p> -- Dustin Puryear <[EMAIL PROTECTED]> http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
<!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Scott Harney: "Re: [brluglist] root kits" <li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] root kits" <li><strong>In reply to:</strong> Scott Harney: "Re: [brluglist] root kits" <li><strong>Next in thread:</strong> Scott Harney: "Re: [brluglist] root kits" <li><strong>Reply:</strong> Scott Harney: "Re: [brluglist] root kits" <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
