[Techtalk] Server was broken into ... what good tools are there to probe vulnerabilities?

jennyw jennyw at dangerousideas.com
Wed Nov 21 13:26:38 EST 2001


Yeah, I'd love to dump them, but there is this little issue of money ... I
can't find anything close to as expensive that doesn't have a huge setup
fee. Ugh. The main reason I don't run the server at home is because of
bandwidth, and because I'd rather have hackers breaking into systems
*outside* of my home network. Of course, with only 300 MB transferred per
month, a 384 connection might not be too bad.

Jen

----- Original Message -----
From: "Michael Carson" <mikecarson at usa.net>
To: "TechTalk" <techtalk at linuxchix.org>
Sent: Wednesday, November 21, 2001 11:29 AM
Subject: Re: [Techtalk] Server was broken into ... what good tools are there
to probe vulnerabilities?


> Raven, corporate courtesan wrote:
>
> > Heya --
> >
> > Quoth jennyw (Wed, Nov 21, 2001 at 09:54:24AM -0800):
> >
> >> Except that my backups would be DNS Zones, MySQL database files, php
> >> files,
> >> html files, and images. I figure if I read through the zone files and
> >> php
> >> files I should be okay. Plus, the php files should execute as nobody
> >> anyway,
> >> so the damage would probably be limited, no?
> >>
> >
> >     You'd think.  Check those PHP files.  But getting nobody access
> > is usually pretty good, since a lot of programs now run as 'nobody'
> > rather than root by default.  So the nobody account has more priviliges
> > than you'd think.
> >
>    You might want to run your various servers as individual users for
> exactly that reason.  That way they don't cross compromise.  OTOH,
> unless you keep up with the latest exploits and patches, there is likely
> to be at least **one ** local root exploit available on the box.
>
>    Jenn, it really sounds like you need to take your business away from
> your current provider, even if that means getting a business DSL line
> and adminning the whole thing yourself...
>
> C.
>
>
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://www.linuxchix.org/mailman/listinfo/techtalk
>
>
>





More information about the Techtalk mailing list