[plug] Is Red hat truly flawed?
Christian
christian at amnet.net.au
Tue May 2 13:15:44 WST 2000
On Tue, May 02, 2000 at 01:10:01PM +0800, Scott, Simon wrote:
> Most, if not all, distributions simply compile and package up the source as
> it stands from kernel.org....
I think a lot introduce extra patches to support various additional
features that haven't made it into the official release... of course,
these are unlikely to impact on security.
> The article did not mention, but did he need console access to achieve this?
> Most Linux boxes can be 'hacked' from the console, by simply forcing a
> ctrl-alt-del shutdown and then passing 'single' to the kernel from the lilo
> prompt.
Arrgh. This is not a good example at all -- there are too many exceptions
and corrolaries. But you're right that console access is hard to defend
against when faced with severe threats.
> So he got the password file... and???? any site that maintains normal
> password checking (running your own password files thru crack might be a
> good idea) means that brute force dictionary attacks are rendered virtually
> useless... and if you use shadow passwords, he would probably have to hack
> root ops to grab the shadow password file.....
I doubt that most sites actually do this on a regular basis. If you can
get the shadow password file then you're probably going to break a small
but significant number of accounts. It's a pity that bcrypt hasn't been
ported to Linux.
Regards,
Christian.
More information about the plug
mailing list