Security Incidents mailing list archives
Re: Bind8 exploit and a deleted partition map
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Wed, 14 Feb 2001 11:55:08 -0500
On Tue, 13 Feb 2001 14:29:24 PST, Crist Clark <crist.clark () GLOBALSTAR COM> said:
Derek Kwan wrote:3) Delete any software (esp. daemon) if you don't plan to use themOK, this is the reason for my reply. I think this may be uneccessarily strong. The key is do not RUN any daemons you do not need. Just having a file of non-setuid, executable code sitting on the hard drive is of very little risk. Figuring out what can and can't be TURNED OFF without
Famous last words. I don't know *how* many times I've had to re-do /etc/inetd.conf on SGI machines to re-install tcp_wrappers and re-disable things I'd turned off already because an SGI software update replaced it. /etc/rcX.d have similar problems. You rename 'S10snmp' to 's10snmp' so it won't be started, and a patch comes along and drops a new S10snmp on your system.. POING! you get to re-disable it. Now if you had *REMOVED* snmp off your system entirely, you don't have to worry. I've got a RedHat 7.0 box on my desk. I'm not worried about any future security issues with Kerberos. Why? Because I knew we don't use it, and I just 'rpm -e' them. No kerberos binaries on the system, no danger of them getting started. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Bind8 exploit and a deleted partition map Matteo,Marc A. (Feb 13)
- Re: Bind8 exploit and a deleted partition map Luciano Miguel Ferreira Rocha (Feb 13)
- Re: Bind8 exploit and a deleted partition map Jose Nazario (Feb 13)
- Re: Bind8 exploit and a deleted partition map Derek Kwan (Feb 13)
- Re: Bind8 exploit and a deleted partition map Crist Clark (Feb 13)
- Re: Bind8 exploit and a deleted partition map Jeremy L. Gaddis (Feb 14)
- Re: Bind8 exploit and a deleted partition map Valdis Kletnieks (Feb 14)
- Re: Bind8 exploit and a deleted partition map Eric Brandwine (Feb 14)
- Priorities (was: Bind8 exploit and a deleted partition map) Dustin Mitchell (Feb 15)
- Re: Priorities (was: Bind8 exploit and a deleted partition map) Crist Clark (Feb 15)
- Re: Bind8 exploit and a deleted partition map Crist Clark (Feb 13)
- Re: Bind8 exploit and a deleted partition map Luciano Miguel Ferreira Rocha (Feb 13)
- <Possible follow-ups>
- Re: Bind8 exploit and a deleted partition map Justin Shore (Feb 14)