[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RE: 'On my Soap Box'

Subject: Re: [cobalt-security] RE: 'On my Soap Box'
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Tue, 6 Mar 2001 16:26:20 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

From: "Gossi The Dog" <gossi@xxxxxxxxxxxxxx>

> On Tue, 6 Mar 2001, Mark Anderson wrote:
>
> > What I'm trying to point out is that protecting a server is
> > fall-off-my-chair-laughing easy. However to be a remotely good
> > attacker, it takes time, skill, intellect and a few drops of
> > luck.
>
> What happens when the next 17 year old kid with a copy of gcc and redhat
> writes the next major exploit and gives it to all his IRC friends (which
> doesn't get posted to bugtraq for a few weeks)?  You get rooted.  Kids
> install Linux Kernel Modules, you don't even know you've been rooted,
> tripwire etc is useless.

I have to agree with the dog. Good hackers can crack your system without you
even knowing it. There are stealth portscanners like nmap that won't even
trip portsentry, there are ways around baseline imaging like
tripwire/fcheck. Its impossible for any system to be 100% secure.

A good system admin has to be very familiar with the methods that hackers
employ. The only way you can fully protect your system is to know how people
are going to try to attack it. That means a truly effective system admin
must know MORE than the hacker.

Kevin

References:
- Re: [cobalt-security] RE: 'On my Soap Box'
  - From: Gossi The Dog

Prev by Date: Re: [cobalt-security] RE: 'On my Soap Box'
Next by Date: Re: [cobalt-security] RE: 'On my Soap Box'
Previous by thread: Re: [cobalt-security] RE: 'On my Soap Box'
Next by thread: Re: [cobalt-security] RE: 'On my Soap Box'

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index