What do net attackers look for?
JoeHill
joehill-R6A+fiHC8nRWk0Htik3J/w at public.gmane.org
Fri Feb 15 06:48:30 UTC 2008
Mike Oliver wrote:
> Quoting Lennart Sorensen <lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org>:
>
> > On Wed, Feb 13, 2008 at 05:30:06PM -0500, Mike Oliver wrote:
> >> I don't really want to know all the gory details. I'm mostly interested
> >> in the answer to the direct question: If an attacker can guess your
> >> password
> >> and your firewall is off, but you haven't turned on any of the obvious
> >> daemons, what is the risk level?
> >
> > I guess it depends if your kernel has any security holes in itself. In
> > general though if no services are listening, it is quite secure.
>
> OK, so I've checked ssh, rsh, telnet, ftp; they're all off. Are there
> any others? BTW I googled for "ubuntu kernel vulnerability" or some such
> and it seems that there was one that was just patched, but it didn't seem
> terribly relevant because the attacker had to be "local", and all it did
> was give him root access, which if he could become "local", as I understand
> it, he would have anyway through sudo (assuming he got the local access
> through knowing the password).
One thing I've noticed that is enabled by default with Ubuntu is vino-server,
to enable VNC clients to connect to your computer. The bad news is it is
apparently very difficult to stop it from running (runs at login I think) and it
cannot be uninstalled.
--
JoeHill
++++++++++++++++++++
Bender: I need a calculator.
Fry: You are a calculator.
Bender: I need a good calculator.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://gtalug.org/pipermail/legacy/attachments/20080215/62334819/attachment.sig>
More information about the Legacy
mailing list