[1710] in bugtraq
Re: HP-UX Explotation/Repair/Info scripts
daemon@ATHENA.MIT.EDU (ice9)
Thu May 4 23:37:55 1995
From: ice9@paranoia.com (ice9)
To: nlawson@statler.csc.calpoly.edu (Nathan Lawson)
Date: Thu, 4 May 1995 20:30:57 -0500 (CDT)
Cc: bugtraq@fc.net
In-Reply-To: <9505050038.AA12735@statler.CalPoly.Edu> from "Nathan Lawson" at May 4, 95 05:38:01 pm
>
> > I Will be soon changing some SunOS platforms to HP-UX and I feel like lost from the security point view wich I always s
> > tudied on the Sun machines.
> > I would like if possible any kind of explotaion scripts , detailed information, etc about existing HP bugs. HP folks sa
> > y not to worry "HP-UX is the most secure", I don't beleive them...
> > Any help will be very appreciated..
>
> Try formatting for something around 80 columns.
>
> Not to be too rude, but the "lameness" meter twitches around ten each time
> you post or send a message. I am sure most people ignore your idiocy on
> comp.security.unix, but it's getting very annoying.
Jesus! Do you know this guy, or do you reply to everyone in this manner?
> To answer your question, no, HSUX is not the most secure nor the most insecure.
> I have seen numerous root holes (i.e. vhe_u_mnt), remote holes (i.e. mountd
> bugs), and the like. With 10.0 purporting to be more 'standard' like other
> systems and depending on NFS and NIS, there will surely be a new variety of
> holes to examine. Every Unix has its own variety of holes and there is no one
> set of holes that covers them all.
I think he is aware of that fact, hence the question...
> The way you ask questions is at the same level of a skr1pt hacker. If you
> were a hacker instead of a 'security professional', I can imagine you sitting
> on IRC saying "D0od!#$@ GiMMe SuMma DoZe AyCH-PeE skR1pZ!" I don't think this
> is the best way to get help with your questions, so instead of bursting into
> a forum with dumb questions, read the list for a while and search the archives
> for past answers to those with the same inclination as yourself.
Last time I checked, I thought this list had a more professional atmosphere..
It seems to me that while his question was rather vague, it WAS a valid
concern. Looks to me like he's looking for general info. Not EVERYONE can
be quite as eloquent as you when posting to a list. However, I hope in the
future that others do not follow the example that you've just set!
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
ice9@paranoia.com http://www.paranoia.com/~ice9
My opinion may not reflect that of any living person, but its the
only one that counts!!
main() {for(;;fork());}
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
