Re: [MLUG] Re: hacking for the grade

["Shawn Parker" <EMAIL:PROTECTED>]

i won't say 'impossible' simply because anything can be cracked given
enough skill, time and effort. but, if you lock down a linux box by
ensuring all unused ports are closed, all user accounts are configured
correctly (permissions, access, etc) and you disable all unused
daemons then it's certainly going to be tough to crack.

 there have been exploitable code flaws in apache, mysql and php in
recent months. not too mention if you don't lock mysql down right then
sql injections could wreak havoc on your system and provide a back way
in.

that said, i have a debian lamp box at my house that has survived 6+
months of daily brute force attempts and, i'm sure, other malicious
attacks. i get ping of death warnings in my firewall logs sometimes.

so far, none of them have been successful. and, i'm by no means a
security expert. i have faith in the security of linux.

On 3/2/06, Mike Miller <EMAIL:PROTECTED> wrote:
> Moved to Membership list:
>
> On Thu, 2 Mar 2006, George B. Robb III wrote:
>
> > For entertainment it would be fun to see an old NT 4.0 with IIS 3.5
> > enabled next to the LAMP boxes...
> >
> > F to the students that can't crack the IIS box...
> >
> > :)
> >
> > Shawn Parker wrote:
> >
> >> http://www.securitydump.com/content141.html
> >>
> >> it would be easy for the professor to set up a couple of LAMP boxes for
> >> the assignment.
>
>
> I do have a question below...
>
> I just submitted a grant where I plan to do all the data management work
> on a nice shining new Linux server with Apache/MySQL/PHP.  A couple of
> people asked if Linux was suitable for this kind of thing.  I added this
> wording in response to those questions:
>
>    Linux operating systems have become predominant in high-end computing
>    in recent years.  All major producers of proprietary UNIX operating
>    systems also offer Linux on their biggest systems (IBM, SGI, Sun, HP)
>    and all of the supercomputers purchased recently by our Minnesota
>    Supercomputing Institute are running Linux (SGI Altix, IBM Netfinity and
>    IBM BladeCluster).
>
> I find that people think that Linux must be good if our supercomputing
> institute is using it.  It does seem like Linux doesn't quite get the
> respect it deserves, but maybe that's just because of the advertising
> budget! ;-)
>
> So here's my question:  If the LAMP box is set up and configured
> appropriately with minimal services, won't it be virtually impossible for
> someone to crack it?  We'll be using SSH and Apache and just about nothing
> else (probably VNC via SSH port forwarding), and SSH connections will be
> limited to the local network (via tcp wrappers) with VPN for outside.  I
> don't think it will be cracked, but if it is, we'll have tripewire, etc.,
> to detect intrusion.  We also have very frequent tape backups so that we
> can recover pre-intrusion data.
>
> Mike
>
> _______________________________________________
> members mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/members
>


--
shawn

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members