-
[quote="Bukowski"]
Originally Posted by
false-hopes
when its installed needs locking down HARD.
so true, de"fault knoppix is definately not something you want to go on the internet with, not only you have to lock down services, try to upgrade the kernel(it's bugged) and remove a bunch of useless (suid) files too, when you don' with that, it starts to get reasonably to work with it, although you're not finished yet: you may want to secure/upgrade specific services too.
-
lol
really interesting topic
linux can protect you from windows malware (worm, virus, trojan, windows applications exploit, windows rootkits)
but there is a lot of linux rootkits around
a rootkit scan an ip adress or a range ip looking for some defined open ports (associated with known process security whole)
it logs the scan result in a file and ask you if you want to try to exploit the security wholes on the target comp
there are some root kits you can add your own exploit
so put a linux workstation directly on the internet is not so secure as it seems
my mandrake 8.1 webserver installed behind a secured debianbox was hacked two times in a year
-
Re: lol
Originally Posted by
roger_girardin
really interesting topic
linux can protect you from windows malware (worm, virus, trojan, windows applications exploit, windows rootkits)
but there is a lot of linux rootkits around
a rootkit scan an ip adress or a range ip looking for some defined open ports (associated with known process security whole)
actually, what you describe is a worm, a rootkit is a set of utilities, typically kernel level enhancements that try to hide anomalous activity. for instance, hide network connections as seen wirh netstat, processes as seen by ps, it sometimes adds a icmp backdoor etc.
-
lol
@xaoz
thanks for the help
as you can find over 70 000 windows malwares
as you can find up to 70 linux malwares, linux is a natural protection
the actuals most knows rootkit are like you have defined
but this is just a kind of rootkit
a rootkit is a tool which will give a root access on a target comp
as there many ways to try to do it, every tools attempting to do it are called rootkit
when i see debian router box's firewall log, i can see the attacks
it's very interesting too
regards
Similar Threads
-
By eadz in forum Hdd Install / Debian / Apt
Replies: 11
Last Post: 11-04-2010, 09:02 PM
-
By NetKatz in forum Hdd Install / Debian / Apt
Replies: 2
Last Post: 05-02-2004, 02:38 PM
-
By pierrevn in forum General Support
Replies: 5
Last Post: 12-12-2003, 07:34 AM
-
By Edix in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 11-10-2003, 08:20 PM
-
By kipizit in forum General Support
Replies: 1
Last Post: 11-07-2003, 03:08 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Cisco Nexus N9K-C92160YC-X 48P 25GbE SFP28 6P QSFP+/QSFP28 PE Switch
$499.00
Cisco C9300-NM-8X Catalyst 9300 8 x 10GE Network Module Switch
$375.00
Cisco Nexus 48-Port 10G SFP+ Switch N9K-93128TX w/ 9K-M12PQ 12-Port 40G QSFP
$112.49
Cisco Nexus N3K-C3172PQ-10GE 48P 10GbE 6P QSFP+ Switch N3K-C3172PQ-10GE
$189.00
Cisco C3850-NM-2-10G 2 Port Network Exp.Module for 3850
$30.99
Cisco Nexus N3K-C3064PQ-10GX 48P 10GbE SFP+ 4P QSFP+ Switch (Fair)
$85.00
Cisco Fibre Channel Shortwave SFP+ (DS-SFP-FC32G-SW) Sealed With Hologram
$54.19
🔥🔥🔥 CISCO SFP-10G-SR V03 10-2415-03 850nm 10GBASE-SR SFP+ Multi Module 🔥🔥🔥
$6.80
CISCO MERAKI MS120-24P-HW 24-PORT GIGABIT CLOUD MANAGED PoE SWITCH - UNCLAIMED
$98.55
Cisco WS-C2960X-48FPD-L 48 V07 POE+ GE+2 10G SFP+, LAN BASE 740W w/ C2960X-Stack
$110.00
Reply With Quote