Bugtraq mailing list archives
Re: Write-only devices (Was read only devices)
From: Valdis.Kletnieks () vt edu (Valdis.Kletnieks () vt edu)
Date: Fri, 28 Jun 1996 13:53:54 -0400
--===_-1_Fri_Jun_28_13:53:53_EDT_1996 Content-Type: text/plain; charset=us-ascii On Fri, 28 Jun 1996 10:36:57 +0700, you said:
Crackers do not use old-well-known techiniques. They are constantly devising new methods, and you can't know in advance what these will be, hence you can't easily discard any information in advance either.
Actually, they *do* use old-well-known techniques. I'm willing to bet a large pizza with everything on it that most sucessful attacks are based on crack, network sniffers, and old well-known security holes like sendmail exploits. Remember that the number of truly innovative crackers is very limited - 99% of them are lame adolescent-minded wannabe's that just have toolkits of scripts and things to try.... We had a hacker break in to an SGI system here a few weeks ago. How did he get in? Well, the 'lp' userid didnt have a password, and then there was a known exposure mentioned in a CERT advisory.. Instant root. We had somebody break into an AIX machine recently. How did he get in? Well, there was this little unpatched bug with rlogin -froot mentioned in a CERT advisory... Now yes.. if you've closed all the usual holes and fixed all the stuff mentioned in CERT advisories, they'll have to get *clever* to get in. But most crackers will just give up and go look for an easier target.... -- Valdis Kletnieks Computer Systems Engineer Virginia Tech --===_-1_Fri_Jun_28_13:53:53_EDT_1996 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.1 iQCVAwUBMdQcMNQBOOoptg9JAQErtQQAreV2p5Fq3rEsQsJBX45M04jgK79kZiNG lg3yEl4aRmK2FKgdfu6OWIajZM7OVHvMbPih/BPXzG9xVX7Qyo0REjk6h9+Riq9Q vImjom03yXzTT1xo1a/24VQU+5fcHKLTlf1W/vYjXs9Lb2MdWt8im/j5MhBW1uOS hOa4Hcvdzak= =/OrS -----END PGP MESSAGE----- --===_-1_Fri_Jun_28_13:53:53_EDT_1996--
Current thread:
- Re: Write-only devices (Was read only devices), (continued)
- Re: Write-only devices (Was read only devices) J.R.Valverde (Jun 27)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Jonathan Lemon (Jun 27)
- Re: Write-only devices (Was read only devices) Roderick Murchison, Jr. (Jun 27)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 27)
- Re: Write-only devices (Was read only devices) Casper Dik (Jun 27)
- Re: Write-only devices (Was read only devices) aleipold () clark net (Jun 27)
- Re: Write-only devices (Was read only devices) Robert Banz (Jun 28)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) J.R.Valverde (Jun 27)
- Re: Write-only devices (Was read only devices) Valdis.Kletnieks () vt edu (Jun 28)