What do net attackers look for?
Kristian Erik Hermansen
kristian.hermansen-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Wed Feb 13 22:16:30 UTC 2008
On Feb 13, 2008 1:52 PM, Mike Oliver <moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org> wrote:
> I just set up an Ubuntu system and have been spending lots
> of time configuring it. I put tight IP filtering in place
> and looking at the logs shows lots of probing.
>
> It occurred to me to wonder, just what are they looking for?
> Suppose, hypothetically, that an attacker had been able to guess
> my password while I was setting it up, when I was trying to figure
> out networking issues and briefly turned off ip6tables to see
> if that was the problem. Would they be able to do anything,
> given that I hadn't turned on sshd or telnetd or ftpd? (A "ps -ef | grep"
> on ssh shows something called "ssh-client" or something like that,
> but not sshd.)
You probably want to go and read "Hacking Exposed" to find out the
methodology hackers use to infiltrate systems :-)
--
Kristian Erik Hermansen
"Know something about everything and everything about something."
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list