Forum     

Go Back   Digit Technology Discussion Forum > Software > Open Source
An Interesting read for Linux server admins: An Interesting read for Linux server admins:
Register FAQ Calendar Mark Forums Read

Open Source A place where you can talk to like-minded people about the fastest growing software movement today! Discuss anything and everything about Open Source software and Operating Systems.


Closed Thread
 
LinkBack Thread Tools Display Modes
Old 27-08-2007, 08:32 PM   #1 (permalink)
left this forum longback
 
praka123's Avatar
 
Join Date: Sep 2005
Location: -
Posts: 7,536
Post An Interesting read for Linux server admins:

It is very rare that your Linux PC which you use as a Desktop will get compromised especially if you do not run any services like a web server, mail server and so on. More over many modern Linux distributions like for example Ubuntu, targeted at the end user ship with all the ports closed by default. And others like PCLinuxOS bundles with it a robust firewall. So it makes the job of an intruder all the more harder to crack into your machine.


But suppose after all the precautions you take, some resourceful cracker succeeds in finding a loophole and hacks into your machine, how do you detect that your machine has been compromised in the first place?


Lars has written a step-by-step process by which he ascertains that a Linux server run by his friend has been compromised by an intruder. His findings throw light on what you can expect and the steps to take when you are suspicious of getting your machine rooted.


The server was running a fairly updated Ubuntu 6.06 LTS. He goes on to conclude that the compromise could have been caused by :
  1. An exploit unknown to the public.
  2. A user accessing this server from an already compromised host. The attacker could then sniff the the password.
Read this very interesting article which throws some light on the actions of a hacker.

source:
http://linuxhelp.blogspot.com/2007/0...x-machine.html

article :read here:
http://blog.gnist.org/article.php?st...llidayCracking
__________________
left this forum long back.Admin Can Delete this Account and posts Permanantly.Thank You
Get GNU/Linux - http://getgnulinux.org
praka123 is offline  
Advertisements. Register and be a member of the community to get rid of them.
Advertisement

Old 27-08-2007, 10:22 PM   #2 (permalink)
In Pursuit of "Happyness"
 
kalpik's Avatar
 
Join Date: May 2005
Location: New Delhi
Posts: 3,432
Default Re: An Interesting read for Linux server admins:
A VERY interesting read! Thanks for the link! Ill keep an eye on my servers
__________________
Whenever you find yourself on the side of the majority, it is time to pause and reflect. - Mark Twain
kalpik is offline  
Old 27-08-2007, 10:24 PM   #3 (permalink)
left this forum longback
 
praka123's Avatar
 
Join Date: Sep 2005
Location: -
Posts: 7,536
Default Re: An Interesting read for Linux server admins:
btwn dont have servers-but i got rkhunter installed which hopefully detects spreading ones.
__________________
left this forum long back.Admin Can Delete this Account and posts Permanantly.Thank You
Get GNU/Linux - http://getgnulinux.org
praka123 is offline  
Old 27-08-2007, 10:39 PM   #4 (permalink)
The Lord of Death
 
Yamaraj's Avatar
 
Join Date: May 2005
Location: यमलोक
Posts: 253
Default Re: An Interesting read for Linux server admins:
There is a reason why Fedora/Red Hat/CentOS ship with SELinux and SUSE with AppArmor. It's high time Ubuntu started doing the same.
Yamaraj is offline  
Old 27-08-2007, 10:46 PM   #5 (permalink)
Wire muncher!
 
infra_red_dude's Avatar
 
Join Date: Nov 2003
Posts: 6,173
Default Re: An Interesting read for Linux server admins:
i agree yamraj, i think ubuntu and related distros should include se linux or come up wid something of their own. its high time now....

thanks for the article, prakash it sure is thot provoking. ubuntu users should be wary of this....
__________________
"The true measure of a man is how he treats someone who can do him absolutely no good."

http://phoenix-ani.blogspot.com
infra_red_dude is offline  
Old 27-08-2007, 10:46 PM   #6 (permalink)
left this forum longback
 
praka123's Avatar
 
Join Date: Sep 2005
Location: -
Posts: 7,536
Default Re: An Interesting read for Linux server admins:
Maybe Debian too shud be counted.but there is always the SE linux option in Debian & ubuntu(via apt).yeah it needs to be integrated.
though i am confused with PAM(pluggable authentication module)
__________________
left this forum long back.Admin Can Delete this Account and posts Permanantly.Thank You
Get GNU/Linux - http://getgnulinux.org
Last edited by praka123; 27-08-2007 at 10:55 PM.
praka123 is offline  
Old 28-08-2007, 12:33 AM   #7 (permalink)
18 Till I Die............
 
Join Date: Jul 2004
Location: India, Mumbai, Marine Lines
Posts: 5,792
Default Re: An Interesting read for Linux server admins:
Quote:
Originally Posted by praka123
btwn dont have servers-but i got rkhunter installed which hopefully detects spreading ones.
I doubt it will be too useful. A good hacker/cracker will try to modify all such tools to hide their tracks. So, a better idea is to check for rootkits from a live cd. But, how useful that is, I am not so sure. From what I've read it's not that promising.
mehulved is offline  
Old 28-08-2007, 05:37 AM   #8 (permalink)
Dreamweaver
 
Gigacore's Avatar
 
Join Date: Aug 2006
Location: Bangalore
Posts: 3,904
Default Re: An Interesting read for Linux server admins:
nice post. thanks buddy
__________________
Today's noobs are tomorrow's geeks. Don't make fun of them.. encourage them. - Gigacore

Follow me on twitter.com/gigacore
Gigacore is offline  
Old 28-08-2007, 09:03 AM   #9 (permalink)
In Pursuit of "Happyness"
 
kalpik's Avatar
 
Join Date: May 2005
Location: New Delhi
Posts: 3,432
Default Re: An Interesting read for Linux server admins:
Quote:
Originally Posted by infra_red_dude
i agree yamraj, i think ubuntu and related distros should include se linux or come up wid something of their own. its high time now....

thanks for the article, prakash it sure is thot provoking. ubuntu users should be wary of this....
Yeah.. The next version of Ubuntu (Gutsy Gibbon) would include AppArmour by default
__________________
Whenever you find yourself on the side of the majority, it is time to pause and reflect. - Mark Twain
kalpik is offline  
Closed Thread

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Interesting Facts on Linux? paragkalra Tutorials 6 02-08-2007 04:45 PM
Services offered by Windows 2003 Server and Linux Server? kumars Open Source 2 14-05-2007 03:24 PM
A really Interesting way of File/Window manipulation (Linux) subratabera Open Source 8 28-01-2007 01:40 AM
Linux is NOT Windows-must read praka123 Open Source 21 27-07-2006 02:10 AM
Unusual,but interesting< problem with LINUX! Akash Verenkar Open Source 2 21-12-2004 07:44 AM

 
Latest Threads
Happy Birthday to MetalheadGautham and others..
- by thetechfreak
Official Android discussion thread
- by amitabhishek
the FOOTBALL channel
- by Arsenal_Gunners
Windows 8 Thread.
- by Sujeet
Your Gaming Backlog/Progress Report!
- by Ethan_Hunt
I am getting a stdole2.tlb error
- by soumya
Battlefield 3 discussion!
- by cyborg47
Sony announces the water-proof Xperia go and Xperia acro S
- by clmlbx
Battlefield 3 Multiplayer Discussion
- by Charan
Kingdom of Amalur: Reckoning discussion
- by vamsi_krishna

Advertisement




All times are GMT +5.5. The time now is 12:58 PM.

Contact Us - Thinkdigit.com - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2012, vBulletin Solutions, Inc.

Search Engine Optimization by vBSEO 3.3.2