[Dshield] SuSe Backdoors?

Steven VanDeBogart steve at bob.reno.nv.us
Wed Mar 3 06:29:20 GMT 2004

I made a comment regarding 'nix "backdoors" installed by "developers" which
we all know that it's just FUD.
Now I'm not running an "enterprise level" environment here, just a home
network that I'm trying to keep secure.
Just trying to keep the "kiddies" out of.

I will know when I've been broken into when the small amount of bandwidth
that I do have drops to zero, I will see my modem going nuts when I'm not
"on the wire". I won't have to run any app. to see what my bandwidth
numbers are running at that particular moment compared to an average over
the last 6 month period. At my work we have a staff of 40 people with
dedicated job descriptions to handle this exact problem. Each with their own
set of problems that you as individuals seem to be fighting the whole
battle alone. Sorry that you are understaffed.
BTW, there's nothing on the 'nix box, just the best firewall/router that I
could come up with, cheap. Better than any "over the counter solution" that's
on the market.
Guess that I fall in the "ignorami" group.


At 09:55 AM 3/2/04, you wrote:
>Tue, 02.03.2004 at 16.06, Steven VanDeBogart wrote:
> > The point is that if my box had been rooted, I would see traffic outbound.
>If your "box" (presuming *nix) had been rooted, you wouldn't
>necessarily see anything, until you were blown up, after you'd been
>robbed of everything you have.
>We aren't talking about the 1,000-to-one ignoramus exploits everyone is
>seeing nowadays. We're talking about professional crackers who know
>their job through and through. Today's kiddie and mafia (small "m")
>mass-crackers rely on the weakness of a particular, closed-source OS.
>And it's no secret that just about all of today's attacks depend upon
>well-aimed social engineering aimed at ignorami, rather than technical
>Please, someone, begin reporting on mass Unix or Linux exploits (other
>than the famed Apache open proxy stuff, which is again due to system
>administration by rampant ignorami).
>There /is/ no SuSE backdoor, wake up. Other than there's any RedHat,
>BSD, UnixWare, Solaris or Tru64 backdoor. But root exploits on any *nix
>system certainly do exist and /are/ practiced and /do/ work. But one
>rarely discovers them by watching for "traffic outbound".
