[Nottingham] Paranoid already

[Robert Davies]

On Saturday 16 Aug 2003 16:09, Michael Leuty wrote:

> I'm running Mandrake 9.1 and have applied all the security updates that
> have been released. My internet connection is via a little black box
> called an "IX66 Internet Gate" which contains both an ADSL modem and a
> firewall. I've also installed the "shorewall" firewall which came with
> Mandrake.
>
> Is there any more I could reasonably do, and how much risk might I be
> running?

Very little risk from the sound of it, as you don't seem to be offering any 
public services.  I have heard of one case, where the 'crack' was via a 
browser, IIRC it was the jpg library which was open to stack smashing, so all 
you had to do, was display the page involved.   But that one was fairly 
unique, most r00t3d boxen are due to running software with known 
vulnerabilities, when providing some service to the Internet.

You should also ask yourself, what do you really have to loose if your machine 
was cracked.  OK, so it's embaressing if your box is used as part of a Denial 
of Service attack, or used to attempt access on sites in the .mil domain, but 
you'ld get over it.  Hopefully you're not in the habit of storing credit card 
numbers, bank details, passwords and encryption keys without the protecting 
the information with strong encryption.

Rob