Security Basics mailing list archives
Re: setting up an insecure box
From: ptchinster <ptchinster () archlinux us>
Date: Mon, 27 Jul 2009 12:05:16 -0500
Any older software that has a known exploit out there running on a not uptodate OS will get broken into sooner or later. I have not done what you are wanting to do yet, but i do have a server offering several services on the internet and i get to see how people try to break in. You could set up a web server on an old unpatched version of windows. Or, set up a ssh server and create a user called "guest" with a password like, "password" or "guest" or just null. Based on my ssh logs youll have somebody in your box real quick. Whatever you do make sure you are in control - dont let somebody take over your box and then use it to attack others. Configure your box and network, and other boxes on the network properly. You may also want to check into honeypots. http://www.honeyd.org/ You can make virtual computers on your network that you associate a script to a port. So in the config file you might have a line that says, "port 80 is open and run scripts/web_server.pl when somebody connects to it". Then you can have a fake, scaled down web_server.pl script that is custom built to allow 1 type of exploit. I know thats how the people who investigate malware do it often - some new exploit becomes known and they write a program to react as the exploitable software would - then the payload comes and they have it saved. Its all about control, knowing what is going on inside your box. On Thu, Jul 23, 2009 at 9:07 AM, Rob Berk<rberk11 () yahoo com> wrote:
Hi, I am a software developer with a newfound interest in computer security. Inspired by a chapter from "Stealing the Network", I would like to set up an unpatched box to observe and try to learn from- monitor the traffic, try to reverse engineer any malware it gets.. I have a few questions- 1) is this realistic? will setting up an unsecure older box on my home network actually attract any malicious code or people? 2) what software configuration would work best for this? in the book, the (fictional) character sets up a box with windows 2000 and IIS5, and catches the new worm within a few minutes, but the book is a few years old.. would I want to use an unpatched windows server 2003 with IIS6? Also, any other suggestions are very much welcome. Thanks! R ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- -------------------------------- I am a traveler of both time and space, to be where i have been. Many times I've wondered, how much there is to know... And it makes me wonder... ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- setting up an insecure box Rob Berk (Jul 27)
- Re: setting up an insecure box ptchinster (Jul 27)
- Re: setting up an insecure box Richard Golodner (Jul 27)
- Re: setting up an insecure box Kaj Huisman (Jul 27)
- Re: setting up an insecure box ptchinster (Jul 27)