[Dshield] SuSe Backdoors?
steve at bob.reno.nv.us
Wed Mar 3 06:29:20 GMT 2004
I made a comment regarding 'nix "backdoors" installed by "developers" which
we all know is just FUD.
Now I'm not running an "enterprise level" environment here, just a home
network that I'm trying to keep secure.
Just trying to keep the "kiddies" out.
I will know when I've been broken into when the small amount of bandwidth
that I do have drops to zero. I will see my modem going nuts when I'm not
"on the wire". I won't have to run any app to see what my bandwidth
numbers are running at that particular moment compared to an average over
the last 6 month period. At my work we have a staff of 40 people with
dedicated job descriptions to handle this exact problem. Each with their own
set of problems that you as individuals seem to be fighting the whole
battle alone. Sorry that you are understaffed.
BTW, there's nothing on the 'nix box, just the best firewall/router that I
could come up with, cheap. Better than any "over the counter solution" that's
on the market.
Guess that I fall in the "ignorami" group.
At 09:55 AM 3/2/04, you wrote:
>On Tue, 02.03.2004 at 16.06, Steven VanDeBogart wrote:
> > The point is that if my box had been rooted, I would see traffic outbound.
>If your "box" (presuming *nix) had been rooted, you wouldn't
>necessarily see anything, until you were blown up, after you'd been
>robbed of everything you have.
>We aren't talking about the 1,000-to-one ignoramus exploits everyone is
>seeing nowadays. We're talking about professional crackers who know
>their job through and through. Today's kiddie and mafia (small "m")
>mass-crackers rely on the weakness of a particular, closed-source OS.
>And it's no secret that just about all of today's attacks depend upon
>well-aimed social engineering aimed at ignorami, rather than technical
>Please, someone, begin reporting on mass Unix or Linux exploits (other
>than the famed Apache open proxy stuff, which is again due to system
>administration by rampant ignorami).
>There /is/ no SuSE backdoor, wake up. Other than there's any RedHat,
>BSD, UnixWare, Solaris or Tru64 backdoor. But root exploits on any *nix
>system certainly do exist and /are/ practiced and /do/ work. But one
>rarely discovers them by watching for "traffic outbound".
>mail: billy - at - billy.demon.nl