[2836] in bugtraq
Re: Write-only devices (Was read only devices)
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Jun 28 16:33:14 1996
Date: Fri, 28 Jun 1996 13:53:54 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Valdis.Kletnieks@vt.edu
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: Your message of "Fri, 28 Jun 1996 10:36:57 +0700."
<009A4866.3238D1ED.7@samba.cnb.uam.es>
On Fri, 28 Jun 1996 10:36:57 +0700, you said:

> Crackers do not use old-well-known techniques. They are constantly
> devising new methods, and you can't know in advance what these will be,
> hence you can't easily discard any information in advance either.

Actually, they *do* use old-well-known techniques. I'm willing to bet
a large pizza with everything on it that most successful attacks are
based on crack, network sniffers, and old well-known security holes
like sendmail exploits. Remember that the number of truly innovative
crackers is very limited - 99% of them are lame adolescent-minded
wannabes that just have toolkits of scripts and things to try....

We had a hacker break in to an SGI system here a few weeks ago. How
did he get in? Well, the 'lp' userid didn't have a password, and then
there was a known exposure mentioned in a CERT advisory.. Instant
root.

We had somebody break into an AIX machine recently. How did he get
in? Well, there was this little unpatched bug with rlogin -froot
mentioned in a CERT advisory...

Now yes.. if you've closed all the usual holes and fixed all the stuff
mentioned in CERT advisories, they'll have to get *clever* to get
in. But most crackers will just give up and go look for an easier
target....

--
Valdis Kletnieks
Computer Systems Engineer
Virginia Tech