Yeah.  I guess you don't read the NOLUG list anymore.  I still keep up
with brlug messages when I can.  
On Mon, Jul 09, 2001 at 04:45:48PM -0500, Dustin Puryear wrote:
<em>> What? You are still alive?
<em>> 
<em>> Regards, Dustin
<em>> 
<em>> Scott Harney wrote:
<em>> 
<em>> > packetstorm.securify.com is definitely worth your exploration if you 
want
<em>> > to find active exploits and the rootkits they install following the 
'sploit.
<em>> > 
<em>> > On Mon, Jul 09, 2001 at 11:55:54AM -0500, Dustin Puryear wrote:
<em>> > 
<em>> >>Probably the best place to find links to root-kits and exploits is 
<em>> >>securityfocus.com. There are other places, but this is the best.
<em>> >>
<em>> >>Regards, Dustin
<em>> >>
<em>> >>john beamon wrote:
<em>> >>
<em>> >>
<em>> >>>Well...I found something.  I made an offhand comment at Gatti's that 
may
<em>> >>>bear repeating.  I had an impression that lots of us talked about all
<em>> >>>these apps that were insecure and that we'd never touch, but none of us
<em>> >>>stepped up to demonstrate it for the crack meeting.  It was a joke, 
but it
<em>> >>>was painfully true for yours truly.  Well, I think I hit the 
motherload.
<em>> >>>
<em>> >>>I did a little google searching on rootkits.  Lots of security warnings
<em>> >>>ABOUT rootkits, but it took me a half hour to find a link to download 
one.
<em>> >>>I used its title for another search, and it led me to
<em>> >>>http://packetstorm.securify.com.  There's a sub under there,
<em>> >>>UNIX/penetration/rootkits, that made me pee in my pants.  I will be
<em>> >>>setting up a honeypot here soon with cd-only installs of Red Hat 6.2 
and
<em>> >>>7.x for my own studies.
<em>> >>>
<em>> >>>Granted, many of what we call "exploits" are the result of default or
<em>> >>>unwise configurations.  It takes one line, for example, to configure
<em>> >>>ProFTPd to jail users in their $HOME.  wu-ftpd takes two lines and a
<em>> >>>little simple /etc/group editing.  There are more keystrokes involved
<em>> >>>opening vi.  I think this page deserves a little peek from anyone 
running
<em>> >>>anything as simple as a telnet or anon-ftp service on their
<em>> >>>internet-connected box.
<em>> >>>
<em>> >>>Who's ready for a crack meeting?
<em>> >>>
<em>> >>>
<em>> >>>
<em>> >>
<em>> >>-- 
<em>> >>Dustin Puryear <[EMAIL PROTECTED]>
<em>> >>http://members.telocity.com/~dpuryear
<em>> >>In the beginning the Universe was created.
<em>> >>This has been widely regarded as a bad move. - Douglas Adams
<em>> >>
<em>> >>================================================
<em>> >>BRLUG - The Baton Rouge Linux User Group
<em>> >>Visit http://www.brlug.net for more information.
<em>> >>Send email to [EMAIL PROTECTED] to change
<em>> >>your subscription information.
<em>> >>================================================
<em>> >>
<em>> > 
<em>> 
<em>> 
<em>> -- 
<em>> Dustin Puryear <[EMAIL PROTECTED]>
<em>> http://members.telocity.com/~dpuryear
<em>> In the beginning the Universe was created.
<em>> This has been widely regarded as a bad move. - Douglas Adams
<em>> 
<em>> ================================================
<em>> BRLUG - The Baton Rouge Linux User Group
<em>> Visit http://www.brlug.net for more information.
<em>> Send email to [EMAIL PROTECTED] to change
<em>> your subscription information.
<em>> ================================================

-- 
Scott Harney<[EMAIL PROTECTED]>
================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to [EMAIL PROTECTED] to change
your subscription information.
================================================

<!-- body="end" -->
<hr noshade>
<ul>
<li><strong>Next message:</strong> Nathaniel B. Klumb: "Re: [brluglist] WINE"
<li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] root 
kits"
<li><strong>In reply to:</strong> Dustin Puryear: "Re: [brluglist] root kits"
<li><strong>Messages sorted by:</strong> 
[ date ]
[ thread ]
[ subject ]
[ author ]
[ attachment ]
</ul>
<hr noshade>

<small>
<em>
This archive was generated by hypermail 2.1.2 
: <em>Thu Sep 06 2001 - 11:10:54 CDT</em>
</em>
</small>
</body>
</html>

Reply via email to