[Gllug] p2p programs
Martin A. Brooks
martin at hinterlands.org
Sun Nov 13 14:44:25 UTC 2005
Henry Gilbert wrote:
> Ah OK, so you know of an individual that had his Desktop Linux compromised?
> I need to interview him.
Interview away. A Red Hat box I inherited as a workstation was
compromised via a vulnerable version of wu-ftpd.
> rm -fr *
>
> browsing the net as root or non-root will hardly make a difference
> apart from increasing one's paranoia.
Rubbish. Let's take one example, IRC. I frequently use IRC to get and
provide help on various topics. When I'm helping someone, if I were
feeling malicious, I could ask them to execute a command that would be
destructive if done as the root user. Because I'm "helping" the user,
the chances are they will just blindly copy and paste the command in.
"rm -rf" is a bit unimaginative and will almost always be recoverable.
"dd if=/dev/urandom of=/dev/hda & (:(){ :|:;};:) " is a little bit
harder to undo.
It's no coincidence that many "help" channels have a permanent ban on
the root user's hostmask.
> OK were you present at the Discovery Meeting yesterday?
No, I was busy stripping and cleaning walls in bedroom #4.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug