Re: X11 exploit info
On 02/11/06 17:50, Dave Feustel wrote: Sorry. I don't intend to offend or to irritate. Trying to be polite with words doesn't guarantee you don't offend and irritate in practice. You are definitely trolling this list and you are misusing free speech and the openness of the list. Please keep the words of Marco in mind, anyone who ever looks you up with Google won't let you touch a keyboard under hers or his responsibility. +++chefren
Re: X11 exploit info
Regarding Dave's postings to misc@: I posted here about Dave's trollisms and recommended that he read page 17 of Absolute OpenBSD - Unix for the practical paranoid (By Michael Lucas - ISBN: 1886411999) That post I made, might have been a little naive, as I have just read the 'Acknowledgements' section. And LO! it turns out that Dave Feustel is mentioned on that very page. I apologise if this is already common knowledge among list users, but I'm not that well informed on particular individuals who are involved in the OpenBSD and similar 'movements'. However, it has raised my suspicions to a higher level. The book is copyrighted in 2003, long before I subscribed to this list and maybe even heard of OpenBSD really. Thing is, why would somebody who has assisted in the writing of this excellent book, be posting such troll-like pieces to this list? Maybe Dave, or somebody with better knowledge on these matters, would like to enlighten me on this? It just seems very strange to me. Regards, Craig M On Sat, 2006-02-11 at 06:03 -0500, Dave Feustel wrote: at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel
Re: X11 exploit info
I thought the very same thing yesterday, when he published his web site on the list. I took a look there, and assuming everything is correct, looks like he ported KDE and Qt to OpenBSD, which seems huge (of course he shouldn't have done that alone. Moreover, his job carrer include big companies like IBM and ATT, so he mustn't be such a novice... how come his recent posts are so troll-like? It doesn't make any sense to me. PS: Great book Craig, thanks for the suggestion! On 2/13/06, Craig M [EMAIL PROTECTED] wrote: Regarding Dave's postings to misc@: I posted here about Dave's trollisms and recommended that he read page 17 of Absolute OpenBSD - Unix for the practical paranoid (By Michael Lucas - ISBN: 1886411999) That post I made, might have been a little naive, as I have just read the 'Acknowledgements' section. And LO! it turns out that Dave Feustel is mentioned on that very page. I apologise if this is already common knowledge among list users, but I'm not that well informed on particular individuals who are involved in the OpenBSD and similar 'movements'. However, it has raised my suspicions to a higher level. The book is copyrighted in 2003, long before I subscribed to this list and maybe even heard of OpenBSD really. Thing is, why would somebody who has assisted in the writing of this excellent book, be posting such troll-like pieces to this list? Maybe Dave, or somebody with better knowledge on these matters, would like to enlighten me on this? It just seems very strange to me. Regards, Craig M On Sat, 2006-02-11 at 06:03 -0500, Dave Feustel wrote: at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Felipe Brant Scarel PATUX/OpenBSD Project Leader (http://www.patux.cic.unb.br)
Re: X11 exploit info
Hi Craig, On 2006.02.13, at 10:31 PM, Craig M wrote: However, it has raised my suspicions to a higher level. The book is copyrighted in 2003, long before I subscribed to this list and maybe even heard of OpenBSD really. Thing is, why would somebody who has assisted in the writing of this excellent book, be posting such troll-like pieces to this list? I've always found Dave to be polite and even in the face of this recent abuse, which seems excessive to me. I don't think Dave intends to be coming off as a troll. He's maybe just feeling a little paranoid at the moment since he has apparently become the victim of a hacker. I wonder if Dave is finding himself torn between asking questions here to people he respects a great deal and not wanting to ask because of the responses he has been getting? Shane J Pearsonshanejp netspace net au -|
Re: X11 exploit info
Felipe Scarel wrote: I thought the very same thing yesterday, when he published his web site on the list. I took a look there, and assuming everything is correct, looks like he ported KDE and Qt to OpenBSD, which seems huge (of course he shouldn't have done that alone. Moreover, his job carrer include big companies like IBM and ATT, so he mustn't be such a novice... how come his recent posts are so troll-like? It doesn't make any sense to me. PS: Great book Craig, thanks for the suggestion! I don't know anymore! Part of me want to say that may be the man page and FAQ on OpenBSD are so good that anyone can write a book as long as they have good English and can write, or read well. Obviously not my case. Yes as it was written before, he is very polite and I can't argue that, but I was looking to buy this book to add to my collection of OpenBSD book, as OpenBSD is my favorite OS by far and I even collect all the book that are written on it, even if the difference between them might not be as big as one might think. But I can only say however that if he was involve in the writing of the book in anyways, may be he is a great guy and I don't know him, and as such everyone deserve a good space for their mistakes, god knows I did my fair share and still do at time, but MEN if that's the case, he shouldn't be that spaced out in his comments and questions! May be IBM and ATT are so big they do not always know who they employed, I don't know. Or may be it was like in school when you might be cheating and get the answer from your friends and write you name on the exam, I don't know. I would expect the people writing books, specially on OpenBSD to know a lots more then me, so that I can learn from them, but if what you say is true, it make me question my idea and intention of buying the book to start with! No offense to the author if they are great, I don't know, but then, they should pay more attention who they work with don't you think? I was going to suggest to simply switch to Windows, the GUI interface may be a lots easier to understand, now I guess it would be misplace to do so. But men, that's doesn't speak for the quality of the lack there of for the book does it!? Sorry if I offended anyone, not my intentions, but come one, where one will get good and trusted knowledge then if even some what so possibly consider reference book are by trolls, or trolls like? I don't know anymore, but I sure question myself now??? I know one thing however, I never use KDE nor Qt, but you can be sure I will not either. Call me jerk, flame me, or what not, that's fair and may be I deserved it here in this case, but it honestly make me think twice my approaches in the learning of my favorite OS however! Sorry for the long post, but that's my $0.02 worth and reflections on the subject at the moment. So, apologies given where they are due! Daniel.
Re: X11 exploit info
On 2/13/06, Shane J Pearson [EMAIL PROTECTED] wrote: Hi Craig, On 2006.02.13, at 10:31 PM, Craig M wrote: However, it has raised my suspicions to a higher level. The book is copyrighted in 2003, long before I subscribed to this list and maybe even heard of OpenBSD really. Thing is, why would somebody who has assisted in the writing of this excellent book, be posting such troll-like pieces to this list? I've always found Dave to be polite and even in the face of this recent abuse, which seems excessive to me. I don't think Dave intends to be coming off as a troll. He's maybe just feeling a little paranoid at the moment since he has apparently become the victim of a hacker. You mean paranoid because he's discovered yet another bug in KDE? I wonder if Dave is finding himself torn between asking questions here to people he respects a great deal and not wanting to ask because of the responses he has been getting? Hopefully the latter unless he starts doing a little due diligence. Greg
Re: X11 exploit info
On Mon, Feb 13, 2006 at 02:00:24PM -0500, Daniel Ouellet wrote: I would expect the people writing books, specially on OpenBSD to know a lots more then me, so that I can learn from them, but if what you say is true, it make me question my idea and intention of buying the book to start with! No offense to the author if they are great, I don't know, but then, they should pay more attention who they work with don't you think? Keep cool. Quoting from the Acknowledgements: ... The following people all provided feedback on one or more chapters of this book, or answered specific questions on frequently-misunderstood aspects of OpenBSD, and as such deserve my heartfelt thanks. Some of them are OpenBSD crown princes, and others are just users who were trying to figure out what their computer was actually doing. What I've done right is thinks to them, and what I've done wrong is my own fault. They are, in alphabetical order: Shawn Carroll, Chris Cappucio, Dave Feustel, Thorsten Glaser, Daniel Hartmeier, Jason Houx, Volker Kindermann, Anil Madhavapeddy, U.N. Owen (aka dreamwvr), Francisco Luis Roque, Srebrenko Sehic, Matt Simonsen, Sam Smith, Duncan Matthew Stirling, Peter Werner, and Jason Wright. A special thanks goes out to Theo de Raadt, for taking time out of his fiendishly busy schedule to provide special insight into the innards of OpenBSD, for not holding back when I goofed, and especially for sticking to his standards of freedom, despite everything the world has to say on that subject. ... *Feedback* may mean anything, from simple spelling errors to better examples or pointing out of errors. So please don't misjudge the book just because of a single person involved. Ciao, Kili
Re: X11 exploit info
Matthias Kilian wrote: On Mon, Feb 13, 2006 at 02:00:24PM -0500, Daniel Ouellet wrote: I would expect the people writing books, specially on OpenBSD to know a lots more then me, so that I can learn from them, but if what you say is true, it make me question my idea and intention of buying the book to start with! No offense to the author if they are great, I don't know, but then, they should pay more attention who they work with don't you think? Keep cool. Quoting from the Acknowledgements: ... The following people all provided feedback on one or more chapters of this book, or answered specific questions on frequently-misunderstood aspects of OpenBSD, and as such deserve my heartfelt thanks. Some of them are OpenBSD crown princes, and others are just users who were trying to figure out what their computer was actually doing. What I've done right is thinks to them, and what I've done wrong is my own fault. They are, in alphabetical order: Shawn Carroll, Chris Cappucio, Dave Feustel, Thorsten Glaser, Daniel Hartmeier, Jason Houx, Volker Kindermann, Anil Madhavapeddy, U.N. Owen (aka dreamwvr), Francisco Luis Roque, Srebrenko Sehic, Matt Simonsen, Sam Smith, Duncan Matthew Stirling, Peter Werner, and Jason Wright. A special thanks goes out to Theo de Raadt, for taking time out of his fiendishly busy schedule to provide special insight into the innards of OpenBSD, for not holding back when I goofed, and especially for sticking to his standards of freedom, despite everything the world has to say on that subject. ... *Feedback* may mean anything, from simple spelling errors to better examples or pointing out of errors. So please don't misjudge the book just because of a single person involved. Ciao, Kili It would appear that he is a dabbler, and likes to talk a good game. I haven't seen anything that indicates that he's actually _done_ anything. Dabbled in lots and no shortage of opinions. (Sounds a lot like me, but I'm not dumb enough to post questions about why this old Windows 98 laptop got hacked. (Actually it doesn't. Armed Puffy Wallpaper must be effective. It _is_ better than anything Microsoft has done.)) Dating from 2001-01-06 Porting cygwin to Windows CE will be a nearly impossible task, especially if you (Dave) are having problems just locating subscribing to the mailing list and finding the Makefile. This indicates to me that you probably are not fully aware of the amount of effort required.
[OT] Rant on some person (was: X11 exploit info)
On Mon, Feb 13, 2006 at 02:53:32PM -0600, [EMAIL PROTECTED] wrote: [Something I won't quote] Please, stop ranting on persons -- it doesn't help. The intentions of my own replies weren't to flame D.F. to death but just to point out that those exploits infos were just silly. Period. EOT for me. Ciao, Kili
X11 exploit info
at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, lose the weight Loose, adj., not tight, let go, free, loose clothing
Re: X11 exploit info
On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote: 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Whow! So if I get root access to your computer, I have access to your X server. What a security threat! Sorry, I'll not waste my time reading the other exploit infos.
Re: X11 exploit info
On 2/11/06, Matthias Kilian [EMAIL PROTECTED] wrote: On Sat, Feb 11, 2006 at 06:03:51AM -0500, Dave Feustel wrote: 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Whow! So if I get root access to your computer, I have access to your X server. What a security threat! Sorry, I'll not waste my time reading the other exploit infos. Some funny quotes: If someone on the server can read your ~/.Xauthority file (hopefully only root, but if you have bad file permissions you're in trouble), and can connect to the port that sshd has bound (which anyone can) then they can access your desktop's X11 server This means that any time you SSH to another machine, that machine's administrators could attack you or they could just... you know... use their admin powers to go a much more direct route to attack you. Actually couldn't admins having access to a user's windows let them watch the users type in passwords and things? Or is the assumption in Unix that all admins are trusted? First, log into the victim's desktop, become root Being a very intelligent and worldly guy, he naturally wanted a Linux box. -- heh Now I need to get access to his magic cookies. Since I'm root, I can read all files on the filesystem [...] The key here is that I should not be allowed to show things on his X11 server -- if I can, I can do other nastier things. :) -Kousu
Re: X11 exploit info
Dude what is your major f*^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Maybe you think that posting all this ridiculous shit is funny but it's really not. Go take a class at a community college and learn the basics before you post again. PLEASE! And definitely stop wasting your time trying To discover how to exploit systems you are unable to comprehend. That said If you ever need serious system administration help for a serious issue (not one you make up when you are all paranoid and gunning to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. - Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Feustel Sent: Saturday, February 11, 2006 6:04 AM To: misc@openbsd.org Subject: X11 exploit info at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, lose the weight Loose, adj., not tight, let go, free, loose clothing
Re: X11 exploit info
wow... No more words!!! 2006/2/11, Dave Feustel [EMAIL PROTECTED]: On Saturday 11 February 2006 10:59, Roman Hunt wrote: Dude what is your major f*^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old are you? Also, to which post are you referring? Maybe you think that posting all this ridiculous shit is funny but it's really not. Actually, I don't think it's rediculous or funny, but you have a right to your opinion and also to express it. Go take a class at a community college and learn the basics before you post again. I may well be the only person in Fort Wayne using OpenBSD or even pretending to know anything about it. I am not aware of any courses in BSD around here. PLEASE! And definitely stop wasting your time trying To discover how to exploit systems you are unable to comprehend. Actually, I am in defensive mode. My system is clearly being penetrated. I am trying to find and plug the holes. So far running pf with a block in all' seems to be the most effective defense. I opened up port 80 to run Apache, but I started having problems again, so I went back to the 'block all' rule. I've found and reported to kde and misc a security problem in the way kde is currently ported to OpenBSD. The kde developers understand the problem and, last I heard, had a fix in the pipeline. I've got a kludge fix for that problem now. But I am still seeing signs of intrusion, so there are either still unblocked (kde or x11) holes that I haven't found that provide intruders with at least user privileges, or my system was rooted at some point in the past and will continue to be rooted until I either reinstall or upgrade to 3.9 sometime after May. Today I found two attempts to access port 6000. One from China, the other from Korea. That said If you ever need serious system administration help for a serious issue (not one you make up when you are all paranoid and gunning to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. I have no interest in being a cracker. I've looked at what is typically involved in cracking a system or creating shell code and I have no interest in spending my time doing either, although I have more than enough experience with x86 assembly code for that time-wasting activity. I have other projects that I need to spend time on. Are you interested in general relativity, electromagnetism, or tensors? I definitely need help with tensors. And I do appreciate your offer of help. I only wish it weren't so hard to explain things by email. Dave - Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Feustel Sent: Saturday, February 11, 2006 6:04 AM To: misc@openbsd.org Subject: X11 exploit info at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, lose the weight Loose, adj., not tight, let go, free, loose clothing -- Abragos Ricardo Lucas We have to stop been egoist and think more on ourselves.
Re: X11 exploit info
On Sat, 11 Feb 2006, Dave Feustel wrote: On Saturday 11 February 2006 10:59, Roman Hunt wrote: Dude what is your major f*^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old are you? Also, to which post are you referring? Maybe you think that posting all this ridiculous shit is funny but it's really not. Actually, I don't think it's rediculous or funny, but you have a right to your opinion and also to express it. Go take a class at a community college and learn the basics before you post again. I may well be the only person in Fort Wayne using OpenBSD or even pretending to know anything about it. I am not aware of any courses in BSD around here. PLEASE! And definitely stop wasting your time trying To discover how to exploit systems you are unable to comprehend. Actually, I am in defensive mode. My system is clearly being penetrated. I am trying to find and plug the holes. So far running pf with a block in all' seems to be the most effective defense. I opened up port 80 to run Apache, but I started having problems again, so I went back to the 'block all' rule. I've found and reported to kde and misc a security problem in the way kde is currently ported to OpenBSD. The kde developers understand the problem and, last I heard, had a fix in the pipeline. I've got a kludge fix for that problem now. But I am still seeing signs of intrusion, so there are either still unblocked (kde or x11) holes that I haven't found that provide intruders with at least user privileges, or my system was rooted at some point in the past and will continue to be rooted until I either reinstall or upgrade to 3.9 sometime after May. Today I found two attempts to access port 6000. One from China, the other from Korea. That said If you ever need serious system administration help for a serious issue (not one you make up when you are all paranoid and gunning to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help. I have no interest in being a cracker. I've looked at what is typically involved in cracking a system or creating shell code and I have no interest in spending my time doing either, although I have more than enough experience with x86 assembly code for that time-wasting activity. I have other projects that I need to spend time on. Are you interested in general relativity, electromagnetism, or tensors? I definitely need help with tensors. And I do appreciate your offer of help. I only wish it weren't so hard to explain things by email. Dave - Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Feustel Sent: Saturday, February 11, 2006 6:04 AM To: misc@openbsd.org Subject: X11 exploit info at http://www.hackinglinuxexposed.com/articles/ is a 3-part series on X-11 exploits which those who think they understand x11 security might wish to read and comment upon. I clearly don't understand x11 security so I have no comments, but I will read with great interest comments by anyone else. 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into another machine can compromise your desktop... 08-Jun-2004: The ease of (ab)using X11, Part 2 Abusing X11 for fun and passwords. 13-May-2004: The ease of (ab)using X11, Part 1 X11 is the protocol that underlies your graphical desktop environment, and you need to be aware of its security model. Dave Feustel -- Lose, v., experience a loss, get rid of, lose the weight Loose, adj., not tight, let go, free, loose clothing Okay, seriously whoever is cracking into Dave's system will you please post to the list what your magic hole is so we can all get on with life? And Dave, you did read the carefully prepared memo on commonly used passwords didn't you? Thanks, -Matt-