Michael P. Soulier
msoulier at storm.ca
Fri Nov 29 14:10:30 EST 2002
On 29/11/02 Mike Thomas did speaketh:
> What if the via an exploit in the a publicly available service, other
> ports are opened? This back door is often employed by crackers after
> they have compromised the system. At a minimum I think you would want to
> setup an iptables rule that only allowed traffic into your machine on
> specific ports (and possibly check the source port on any outgoing
> traffic). If you do that you are essentially building a firewall anyway.
But if they can crack a daemon running as root, as so many of them are,
they have access to the firewall to do whatever they like.
Michael P. Soulier <msoulier at storm.ca>, GnuPG pub key: 5BC8BE08
"...the word HACK is used as a verb to indicate a massive amount
of nerd-like effort." -Harley Hahn, A Student's Guide to Unix
HTML Email Considered Harmful: http://expita.com/nomime.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://tux.oclug.on.ca/pipermail/oclug/attachments/20021129/c91b14cd/attachment.bin
More information about the OCLUG