Hackers Theyre evrywhere even here aND (Damn caps lock button) They may even be in your syste
13 responses total.
K, thnkz!
Oh dear, those hackers have already stolen an apostrophe, an 'e', a comma, an 'm', and a period from #0.
Judging from the number of copies of exploits (massrooter, ssh exploits, etc) and port scanners that I find every time I start cleaning up disk space, I'd guess that we have about a half dozen new hackers on Grex every day. The quality control isn't very good. Some of them are so 37it3, I'm amazed they figured out how to run newuser without needing a cookbook. (On the other hand, maybe there is a cookbook http hack that exploits a flaw in the Grex newuser CGI to get the industrious hacker a guest account on the system. That'd be about as brilliant as some of these things, and work better. Maybe I should write one and start it circulating.) Still 5% or so seem to be able to figure out that this is a SunOS system and at least download vaguely appropriate exploits. Sadly, even morons with cookbooks do do harm to Grex. They soak up a lot of staff time that could be used constructively instead. They soak up system resources, interfering with constructive use of Grex. The usual self-justification is that hackers improve the security of computers by continuously testing the locks. I have two answers to that. First, a great many of the systems that get hacked into suffer substantial damage, which makes it clear that many hackers do not have lofty goals. Second...well...suppose we treated houses like that. Right now, my house has locks on the doors, but most anyone could break in. Hey, just throw a rock through the window. Now, if hundreds of people tried to break into my house every day, I'd have to do something about that. Bars on the windows, security fence around the property, alarm systems, secured power and phone, fire suppression system, full time security staff, etc. In the end I'd have a much more secure house than I have now, and I'd have all those burglars to thank for it. I'd also have a much more expensive house, and a vastly less pleasant and comfortable one. Can anyone honestly claim that the burglars would have improved my life?
Part 1 - oh joy Part 2 - lol Part 3 - oh bugger Part 4 - I don't buy this, unless they put things back the way they were. And send you a nice email about the problem. And how often does that happen? And even then I'm not sure.
Actually, Jeff, many so-called 'White Hat' hackers, actual security experts who really are trying things out to find exploitable holes so they can be fixed, to my understanding usually *do* send a message about what they did and how they did it. This is, after all, where a lot of the security alerts about Microsoft and so forth come from (the ones that aren't email viruses...). However, somehow I don't think they're more than a very small batch, compared to the crackers that infest this and similar systems. . . . I'm always amazed by the idiots who come in to party and ask flat out if anyone can help them crack some system or other. . . .
This response has been erased.
There certainly are "white hat hackers". I've had a couple people mail me about security flaws in my open source software. I've thanked them and fixed the bugs. It's probable that some of these people, if one of their tired old exploits actually worked on Grex, would tell us about it rather than doing any harm with it. However if a cookbook exploit appears that works on Grex, then within a day or two a dozen people will upload it to Grex and try it. Half will screw up the job and not notice that it works. Half of the remainder might send us a nice message, while the others are busy erasing the system. Grex is currently somewhat protected by the fact that its software is pretty unusual, its CPU runs a somewhat uncommon machine language, and we don't install new software frequently. This won't be true after we move to the new machine. Security is going to get much harder.
This response has been erased.
No self respecting "h4X0r" would harm a Unix system! Unfortunately, self respect and respect for others is at times difficult to come by. Penetrating anyone's system uninvited is just ill behavior no matter how you look at it. I do believe security research is now necessary due to the expanding of cyberspace. I don't like the idea of theft and damage either, but it becomes less likely the more "MS Windows" as well as other "better" operating systems are studied from a security perspective. There are a few "virtual playgrounds" out there that do invite security related study and will even give tutorials on system vulnerabilities, past exploits and a free account to study within. Grex is not the place for this kind of experience.
This response has been erased.
> "We're dinosaurs, therefore, we're protected." --That reminds me .. someone told me once there are no viruses in mainframes because no one bothers to make viruses for mainframes ..
The dinosaur argument isn't stupid. Sholmes's analysis is partly right. One standard attack is the buffer overflow. When a program reads in a line of input, it stores it in a section of memory called a "buffer". But what if you make the input really, really long? Then it might not fit in the buffer, and if the code hasn't been written carefully, then the input could overwrite something stored in memory near the buffer. In some cases, that could be part of the program itself. So by feeding in super long lines of data, you might be able to overwrite part of the program with new instructions. The new instructions might create a trapdoor for you to enter the system through. The theory is simple enough, and plenty of programs are around that do inadequate buffer checking, however it isn't entirely simple to actually exploit this weakness. You need to get the right instructions to overwrite the right parts of the program to do what you want. It's normally going to take a moderately knowledgeable person at least a few hours of work to construct an effective attack. For popular operating systems, people figure out how to do it, write up a little program that does the job, and then start sharing it around. Once you have such a program, any idiot can run it, likely without even knowing how it works. But such an exploit won't work on all systems. Suppose the buffer overflow was in 'sendmail' (a frequent target). If the attack was written for a different version of sendmail, it may or may not work - if the code has changed, the instructions you are trying to change may be in different places. If the program was compiled on a different compiler or even a different version of the same compiler, the compiler may have placed things in different places in memory. An exploit designed for an Intel processor is definitely not going to work on a Sun, because the instruction codes are entirely different.
So if a new sendmail buffer overflow bug appears, then Grex's sendmail probably has that bug. But to exploit it, someone needs to develop an attack for Grex's particular version of sendmail (with Marcus's modifications), and Grex's particular version of the gcc compiler (not the stock SunOS compiler), and for the SPARC instruction set. It's perfectly possible, but you almost have to write a custom exploit for Grex. A large percentage of the cookbook vandals running around just don't have the knowledge to do it - or the motivation. After all that work, you have a tool to crack Grex, but it's useless for cracking anything else. If we change to OpenBSD 3.4, then we will probably be running the same version of sendmail, compiled on the same compiler, running on the same kind of processor as everyone else who runs OpenBSD 3.4. Cookbook exploits are much more likely to work against us. In fact, OpenBSD, FreeBSD, NetBSD, and Linux are all similar enough, that in many cases exploits designed for one will work on the others. Though, actually, OpenBSD 3.4 includes a modification that should make all buffer overflow attacks against all programs fail. This doesn't mean that older systems are absolutely safe. Some classes of attacks will work equally well on different architectures. There are always some people who are willing to waste their time developing attacks against older systems. So Grex staff still tries to fix all possible weaknesses as they are discovered. But the pressure will definitely be higher under OpenBSD.
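An added illustration of the preceding post's explanation, not part of the thread and not Grex or sendmail code: a simulated memory arena in which an unchecked line read clobbers the value next to the buffer in one build but misses it in a build with a different layout, while a length-checked read rejects the line in both. The layouts, names and input are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define ARENA 64   /* simulated memory; every write stays inside this array */

/* Constructed layouts: where a 16-byte input buffer's neighbour ends up. */
struct layout { size_t buf_len; size_t neighbor_off; };
static const struct layout BUILD_A = { 16, 16 };  /* neighbour directly after buffer */
static const struct layout BUILD_B = { 16, 24 };  /* other build: 8 bytes in between */

/* Constructed input tuned to BUILD_A: 16 filler bytes, then 4 bytes for the neighbour. */
static const char LONG_LINE[] = "AAAAAAAAAAAAAAAAMARK";

static void arena_init(unsigned char *mem, const struct layout *l) {
    memset(mem, 0, ARENA);
    memcpy(mem + l->neighbor_off, "SAFE", 4);   /* neighbour's original contents */
}

/* Careless reader: copies the line without looking at buf_len.
   The clamp to ARENA exists only to keep this simulation well-defined. */
static void read_unchecked(unsigned char *mem, const char *line) {
    size_t n = strlen(line);
    memcpy(mem, line, n < ARENA ? n : ARENA);
}

/* Careful reader: rejects any line that does not fit, touching nothing. */
static int read_checked(unsigned char *mem, const struct layout *l, const char *line) {
    size_t n = strlen(line);
    if (n >= l->buf_len) return -1;
    memcpy(mem, line, n + 1);
    return 0;
}

/* Returns 1 if the neighbour now holds "MARK", 0 if still "SAFE", 2 otherwise. */
int neighbor_after(const struct layout *l, int checked) {
    unsigned char mem[ARENA];
    arena_init(mem, l);
    if (checked) read_checked(mem, l, LONG_LINE);
    else read_unchecked(mem, LONG_LINE);
    if (memcmp(mem + l->neighbor_off, "MARK", 4) == 0) return 1;
    return memcmp(mem + l->neighbor_off, "SAFE", 4) == 0 ? 0 : 2;
}

int main(void) {
    printf("build A, unchecked: %d\n", neighbor_after(&BUILD_A, 0));
    printf("build B, unchecked: %d\n", neighbor_after(&BUILD_B, 0));
    printf("build A, checked:   %d\n", neighbor_after(&BUILD_A, 1));
    return 0;
}
```
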
http://www.ucomics.com/foxtrot/2003/08/24/