[ale] hackers and thier methods

Chris Fowler cfowler at outpostsentinel.com
Tue Feb 19 18:18:26 EST 2002


Yea there's a shell.  I wrote it.  So I know it.

-----Original Message-----
From: Joe at orado.localdomain.private
To: ale at ale.org
[mailto:Joe at orado.localdomain.private]On Behalf Of Joseph A Knapka
Sent: Tuesday, February 19, 2002 11:56 AM
To: Chris Fowler
Cc: Stephen Turner; ale at ale.org
Subject: Re: [ale] hackers and thier methods


> Chris Fowler wrote:
> 
> No.  You are in control of your equipment.  Certain pieces of
> equipment lend themselves to being better
> secure than others.  Not due to the nature of the services running on
> it.  But due to the nature of the environment on the
> equipment.
> 
> Some embedded equipment has hackable protocols.  That is the nature of
> using any software.  But just because
> they are hackable does not mean the hacker will be successful.
> Personally I do not support the use of distro + PC = firewall.
> A product that is built for this may be better suited.  It just scares
> me to load RH 7.2 on a box and configure it as a firewall.
> If I get hacked all the tools are there for mischief.  If it is on an
> embedded piece of equipment then maybe nothing is there of use if they
> gain a shell. 

Or maybe there is no shell.

Try this:

Install any distro you want on a PC. Add iptables. Configure
your firewall the way you want it. Set up the boot process
so that the machine boots with minimal services, brings up
the network interface, configures iptables, and then does
"shutdown -h now" to halt the kernel. Since all the IP
action happens in interrupt context, the machine will
happily filter packets and deal with forwarding, even though
there are no processes running. Almost as good as an
embedded appliance. I used to run my ipchains firewall
that way, a couple years ago, before I switched to OpenBSD.
I think there was a blurb on Slashdot or FreshMeat about
the technique recently.

Cheers,

-- Joe

> Who knows?
> 
> Chris
> 
>      -----Original Message-----
>      From: Stephen Turner [mailto:artic_knight at yahoo.com]
>      Sent: Tuesday, February 19, 2002 5:43 PM
>      To: ale at ale.org
>      Subject: [ale] hackers and thier methods
> 
>      so i remove all these packages from my box, should i bother
>      removing vi? it offers no hacks as i see it but i suppose my
>      REAL question is, can a linux hacker or someone hacking
>      linux run programs outside of your box that will configure,
>      alter the box? or do you have to add programs such as a text
>      editor in order to alter text? and what stops them from
>      installing or "planting" them on my server?

-- 
"I should like to close this book by sticking out any part of my neck
 which is not yet exposed, and making a few predictions about how the
 problem of quantum gravity will in the end be solved."
 --- Physicist Lee Smolin, "Three Roads to Quantum Gravity"



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.
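
A pre-halt check for the "configure iptables, then halt" setup described in the thread, as an added example that is not part of the original messages: once the machine is halted there is no process left to correct a bad ruleset, so the last boot step verifies state before running `shutdown -h now`. The function names and sample rulesets are constructed for illustration; it assumes an iptables that supports `iptables -S` and shutdown scripts already changed so they neither take the interfaces down nor flush the rules.

```shell
#!/bin/sh
# Added example (not from the thread): pre-halt sanity check for a halted firewall.
# Function names are hypothetical.

# policy_of CHAIN: read `iptables -S` text on stdin, print that chain's default policy.
policy_of() {
    awk -v c="$1" '$1 == "-P" && $2 == c { print $3 }'
}

# halt_ready RULES IP_FORWARD: return 0 only if the box would still be a
# default-deny router that forwards something once no process is running.
halt_ready() {
    rules=$1 fwd=$2
    [ "$fwd" = "1" ] || { echo "ip_forward is not 1" >&2; return 1; }
    for chain in INPUT FORWARD; do
        p=$(printf '%s\n' "$rules" | policy_of "$chain")
        [ "$p" = "DROP" ] || { echo "$chain policy is '$p', want DROP" >&2; return 1; }
    done
    # With a DROP policy and no ACCEPT rule, FORWARD passes no traffic at all.
    printf '%s\n' "$rules" | grep -Eq '^-A FORWARD .*-j ACCEPT' ||
        { echo "no FORWARD ACCEPT rule" >&2; return 1; }
    return 0
}

# Constructed sample input in `iptables -S` format (interface names are assumptions).
SAMPLE_GOOD='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT'
SAMPLE_BAD='-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT'

# Last boot step: run as root with --halt after the rules have been loaded.
if [ "${1:-}" = "--halt" ]; then
    if halt_ready "$(iptables -S)" "$(cat /proc/sys/net/ipv4/ip_forward)"; then
        shutdown -h now
    else
        echo "refusing to halt: firewall not in expected state" >&2
        exit 1
    fi
fi
```
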