[2752] in bugtraq
Re: BoS: amodload.tar.gz - dynamic SunOS modules
daemon@ATHENA.MIT.EDU (Dan Stromberg)
Thu Jun 20 19:50:53 1996
Date: Thu, 20 Jun 1996 16:24:13 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Dan Stromberg <strombrg@hydra.acs.uci.edu>
X-To: fg@portal.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
This is basically autoinstall with toss-away media. The same sort of
thing can be accomplished with NFS or similar. The NFS approach allows
(but does not require) machine-specific customizations, as well.
Dana Bourgeois wrote:
>
> On Thu, 20 Jun 1996, Christopher Klaus wrote:
>
> > amodload is a quick 'hack' that demonstrates how trivial it is to load
> > certain modules or patches into the kernel. The example in the amodload
> > package puts a backdoor into the kernel, so that you can easily
> > obtain root (superuser access) via a simple call.
> >
> > So for today, the best defense is really to take pro-active action and
> > prevent intruders from gaining access to your network. This can be done
> > with a combination of firewalls and having a continuous security assessment
> > program in place where you scan your network for vulnerabilities and correct.
> > You can test your own machine with a scanner from www.iss.net.
>
> Simple question:
>
> With writeable CDROM drives around $700, has anybody considered setting up
> their system from the Solaris CD, adding whatever software they need/want
> to the machine and then backing the disk to WCDROM? It would seem that if
> data files are backed up at regular intervals to the standard backup
> system, the pure system could be quickly recreated any time there was a
> question about break-ins. Maybe even on a regular basis.
>
> fg@portal.com
> Black '93 R1
