On Thu, 4 May 2006, Eric Ziegast wrote:
An 3l33t hacker might figure out that all he/she had to do was
modify the magic number to get their program to run, but most people
(including script kiddies) wouldn't figure it out, give up, and move
on to softer targets.
Typical
On Thu, 4 May 2006, Eric Ziegast wrote:
I think a few people in the thread gave examples of how hackers and script
kiddies don't really need compilers on the system to do damage. Once qn
intruder is on your system, they can download pre-compiled tools to do what
they need from a similar
On Fri, 5 May 2006, Damien Miller wrote:
On Thu, 4 May 2006, Eric Ziegast wrote:
An 3l33t hacker might figure out that all he/she had to do was
modify the magic number to get their program to run, but most people
(including script kiddies) wouldn't figure it out, give up, and move
on
Otto Moerbeek wrote:
Key mananagement is the most important part. The part that
continuously will require time and attention from a lot of people, and
the part that will cause the headaches. The part where the errors
will be made. System managers experiencing problems and needing to
get
On Fri, May 05, 2006 at 04:30:31PM +1000, Damien Miller wrote:
On Thu, 4 May 2006, Eric Ziegast wrote:
An 3l33t hacker might figure out that all he/she had to do was
modify the magic number to get their program to run, but most people
(including script kiddies) wouldn't figure it out,
On Fri, May 05, 2006 at 08:37:41PM +1000, Jonathan Gray wrote:
Not to mention the whole perl/sh/etc deal which will have to
exist to allow the system to function, and can run whatever.
Not under a correctly configured veriexec.
Otto is correct about exploiting a buffer overflow to run code
On Fri, 5 May 2006, Brett Lymn wrote:
Otto is correct about exploiting a buffer overflow to run code
(certainly veriexec won't stop that trick) but I do wonder if it would
be possible to enforce a restriction that any executable page must be
backed by an on-disk object and how much
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert C Wittig wrote:
I have my MUA set so that this (and other) email-list sub-directories
reply automatically to the list for which they receive email, and only
noticed that you had emailed me off-list on the last email, so all my
replies
I think a few people in the thread gave examples of how hackers and
script kiddies don't really need compilers on the system to do damage.
Once qn intruder is on your system, they can download pre-compiled tools
to do what they need from a similar system where they (or the
script-kiddies'
Hello chefren,
Wednesday, May 3, 2006, 8:34:09 AM, you wrote:
c There are lots of dangers, and of course there is need of an operator
c but if guns are around even an child of 2 years old can kill someone.
c Eh: Without the tool (gun): there is definitely no problem. Of course
c it's possible
On 05/03/06 17:50, Robert C Wittig wrote:
Hello chefren,
..
Yeah... whatever.
I choose not to live this way.
Some things are not to be chosen by individuals in a civil society...
On another topic...
You might want to consider sending future replies to list, instead of
sending them to
Hello chefren,
Wednesday, May 3, 2006, 11:37:48 AM, you wrote:
c This has nothing to do with OpenBSD and it's pretty impolite to
c transfer information send to you personally to a mailing list.
c You may wish to live that way but you won't make lots of friends with it.
I have my MUA set so
Hello chefren,
Wednesday, May 3, 2006, 11:37:48 AM, you wrote:
For what it's worth...
Also... I have threading enabled, so a reply of any sort from a
list-mail will cue on the thread. In order to escape the sort rule,
one must begin an entirely new email.
I do not intentionally reply to
On Tue, 2 May 2006, josh wrote:
Hello...
Some people seem to think that installing a compiler inherently makes
their system less secure... despite never being able to cite any actual
reasons why.
Personally, I really dont see how a compiler is going to lessen
security, particuarly when
On Tue, May 02, 2006 at 04:21:41PM +1200, josh wrote:
Some people seem to think that installing a compiler inherently makes
their system less secure... despite never being able to cite any actual
reasons why.
If someone has enough access to your system to use a compiler (maliciously),
couldn't
On Tue, 2 May 2006, josh wrote:
Hello...
Some people seem to think that installing a compiler inherently makes
their system less secure... despite never being able to cite any
actual reasons why.
Personally, I really dont see how a compiler is going to lessen
security, particuarly when
Hi :)
Maybe some people tend to think installing a compiler is giving an intruder the
possibility to compile his own code. Personally I think, that this thought is
one step too late for securing a system.
If an intruder already has compromised the system it has been proven that the
system is
Maybe, because in some cases, it just takes a bit more time to 0wn your box
if it has no compiler installed.
02 May 2006 16:21:41 +1200, josh [EMAIL PROTECTED]:
Hello...
Some people seem to think that installing a compiler inherently makes
their system less secure... despite never being
Anton Karpov wrote:
Maybe, because in some cases, it just takes a bit more time to 0wn your box
if it has no compiler installed.
Bull.
I've never heard of someone taking over a box using a compiler. After all,
the compiler is not exposed to the outside world. At most, they build some
tools
Hello Anton,
Tuesday, May 2, 2006, 5:05:10 AM, you wrote:
AK Maybe, because in some cases, it just takes a bit more time to 0wn
AK your box if it has no compiler installed.
It's like saying that a handgun makes your house an inherently more
dangerous place. Handguns and compilers are both
Imagine the typical situation: an attacker get non-root access to your
system, maybe due to the hole in your network daemon foobard, maybe due to
the badly coded cgi, or maybe he is a legitimate shell user. The next his
step is to get full privileges, e.g. root account. Let suppose he has a l33t
...on Tue, May 02, 2006 at 03:49:26PM +0400, Anton Karpov wrote:
But what if your system has no compiler? When attacker should compile his
sploit anywhere, and transfer binary evil code onto your box. E.g. he has to
have access to the similar machine, maybe with similas OS version and arch.
On Tue, May 02, 2006 at 04:21:41PM +1200, josh wrote:
Hello...
Some people seem to think that installing a compiler inherently makes
their system less secure... despite never being able to cite any actual
reasons why.
i had a machine get compromised once; now we don't have a compiler
on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anton Karpov wrote:
Maybe, because in some cases, it just takes a bit more time to 0wn your box
if it has no compiler installed.
No, not at all. You can't attack a compiler, it's not accessable from
the outside.
The only reason I can think of in
In my experience it's simple. Generally speaking, not installing a
compiler makes the system less secure. Why? real easy. Most systems I
have ever seen without a compiler has software running on it that is
behind on it's updates. When you ask the system administrator why, it
is Oh I don't
Anton Karpov wrote
If he can break in as a lowly user uname -a will tell him what it is
anyway. And don't tell me we should disable that command or cause it to
lie because then I'll shoot you down another way.
Re-read my message, please. I didn't tell he cannot stat os version and
Maybe, because in some cases, it just takes a bit more time to 0wn your
box
if it has no compiler installed.
No, not at all. You can't attack a compiler, it's not accessable from
the outside.
Noone here talks about attacking a compiler ;) We're discussing differences
for attacker,
But what if your system has no compiler? When attacker should compile his
sploit anywhere, and transfer binary evil code onto your box. E.g. he has
to
have access to the similar machine, maybe with similas OS version and arch.
I know not having a compiler has been considered secure
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hej Bob,
Bob Beck wrote:
In my experience it's simple. Generally speaking, not installing a
compiler makes the system less secure. Why? real easy. Most systems I
have ever seen without a compiler has software running on it that is
behind
...on Tue, May 02, 2006 at 09:46:01AM -0500, Graham Toal wrote:
Back in the old days when the only access to a system was
by a modem to a login prompt, and there was no networking
available to make things easy, the only way to get a
binary on to a machine was to somehow enter it from the
On 5/2/06, jared r r spiegel [EMAIL PROTECTED] wrote:
i am not asserting that the compromise-pack did not have
a precompiled sshd binary for openbsd ( the prior hop
up the compromise chain in this case was a debianlinux ),
but if it didn't, it may not have rooted machine B.
This is a
2006/5/2, [EMAIL PROTECTED] [EMAIL PROTECTED]:
Anton Karpov wrote:
Noone here talks about attacking a compiler ;) We're discussing
differences
for attacker, depending on compiler available or not.
They should.
There is a classic by Ken Thompson (I think) about using a compiler
to
On Tue, May 02, 2006 at 09:33:48AM -0400, jared r r spiegel wrote:
i am not asserting that the compromise-pack did not have
a precompiled sshd binary for openbsd ( the prior hop
up the compromise chain in this case was a debianlinux ),
but if it didn't, it may not have rooted machine
On 5/2/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
There is a classic by Ken Thompson (I think) about using a compiler
to create a back door which has no traces in the source of either
the compiler or of the back-doored module.
Something about who can you trust.
right. and if this is the
On 02/05/06, Anton Karpov [EMAIL PROTECTED] wrote:
privileges to replace your compiler with backdoored one, he has another
65535 ways to abuse your box.
Did you mean 65536 ways?
Anyhow, I doubt many people nowadays have 16-bit boxes on public networks. :)
On 02/05/06, jared r r spiegel [EMAIL PROTECTED] wrote:
On Tue, May 02, 2006 at 09:33:48AM -0400, jared r r spiegel wrote:
i am not asserting that the compromise-pack did not have
a precompiled sshd binary for openbsd ( the prior hop
up the compromise chain in this case was a
[snip]
One thing I didn't follow in this story is why did this 'virus' change
the host key?
It's not like you can't use the old key with the new sshd install, is it?
I see no problem with doing so, I have done so regularly in the past when
doing upgrades. As long as you back up your host
On Tue, May 02, 2006 at 09:49:07PM +0100, Constantine A. Murenin wrote:
On 02/05/06, jared r r spiegel [EMAIL PROTECTED] wrote:
if we didn't have that little PIII/450 sitting next to the
machine now, for the purposes of bringing live, getting
patches onto, making .tgzs, and then
Hello chefren,
Tuesday, May 2, 2006, 7:51:23 AM, you wrote:
c It's quite difficult to shoot yourselves without a gun
Yes, exactly... like I said the danger lies in the user, not in the
tool.
I suppose if a person wants to remain a kludge, and a stumble-bum for
the rest of their life, then they
On 5/2/06, Constantine A. Murenin [EMAIL PROTECTED] wrote:
Another thing is trusting the updated hostkey. Imagine you are a
sysadmin at a university. Do you keep the old hostkey when you
reinstall the system on a specific host? What about when you upgrade a
Sun workstation, but keep the old
On 02/05/06, jared r r spiegel [EMAIL PROTECTED] wrote:
On Tue, May 02, 2006 at 09:49:07PM +0100, Constantine A. Murenin wrote:
On 02/05/06, jared r r spiegel [EMAIL PROTECTED] wrote:
if we didn't have that little PIII/450 sitting next to the
machine now, for the purposes of bringing
On 03/05/06, Chris Kuethe [EMAIL PROTECTED] wrote:
On 5/2/06, Constantine A. Murenin [EMAIL PROTECTED] wrote:
Another thing is trusting the updated hostkey. Imagine you are a
sysadmin at a university. Do you keep the old hostkey when you
reinstall the system on a specific host? What about
On 5/2/06, Constantine A. Murenin [EMAIL PROTECTED] wrote:
If you backup a key from an old workstation onto a new workstation,
and then dispose of the old workstation [in the university setting],
then what if the intruider gets access to the HDD data (i.e. the key)
of the old workstation?
On Tuesday 02 May 2006 19:49, Anton Karpov wrote:
But what if your system has no compiler? When attacker should compile his
sploit anywhere, and transfer binary evil code onto your box. E.g. he has
to have access to the similar machine, maybe with similas OS version and
arch. He has to
44 matches
Mail list logo
