Bugtraq mailing list archives

Re: HP-UX Explotation/Repair/Info scripts

From: ice9 () paranoia com (ice9)
Date: Thu, 4 May 1995 20:30:57 -0500 (CDT)

I Will be soon changing some SunOS platforms to HP-UX and I feel like lost from the security point view wich I 
always s
tudied on the Sun machines.
I would like if possible any kind of explotaion scripts , detailed information, etc about existing HP bugs. HP 
folks sa
y not to worry "HP-UX is the most secure", I don't beleive them...
Any help will be very appreciated..


Try formatting for something around 80 columns. 

Not to be too rude, but the "lameness" meter twitches around ten each time
you post or send a message.  I am sure most people ignore your idiocy on 
comp.security.unix, but it's getting very annoying.


Jesus!  Do you know this guy, or do you reply to everyone in this manner?

To answer your question, no, HSUX is not the most secure nor the most insecure.
I have seen numerous root holes (i.e. vhe_u_mnt), remote holes (i.e. mountd
bugs), and the like.  With 10.0 purporting to be more 'standard' like other
systems and depending on NFS and NIS, there will surely be a new variety of
holes to examine.  Every Unix has its own variety of holes and there is no one
set of holes that covers them all.


I think he is aware of that fact, hence the question...

The way you ask questions is at the same level of a skr1pt hacker.  If you
were a hacker instead of a 'security professional', I can imagine you sitting
on IRC saying "D0od!#$@ GiMMe SuMma DoZe AyCH-PeE skR1pZ!"  I don't think this
is the best way to get help with your questions, so instead of bursting into
a forum with dumb questions, read the list for a while and search the archives
for past answers to those with the same inclination as yourself.


Last time I checked, I thought this list had a more professional atmosphere..
It seems to me that while his question was rather vague, it WAS a valid
concern.  Looks to me like he's looking for general info.  Not EVERYONE can
be quite as eloquent as you when posting to a list.  However, I hope in the
future that others do not follow the example that you've just set!        

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
      ice9 () paranoia com      http://www.paranoia.com/~ice9
My opinion may not reflect that of any living person, but its the 
only one that counts!!
                      main() {for(;;fork());}
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Current thread:

Re: Detecting a sniffer, (continued)
- Re: Detecting a sniffer Mark Owens (May 02)
  - Re: Detecting a sniffer Brett Lymn (May 03)
- Re: Detecting a sniffer Jim Seymour (May 03)
- Re: Detecting a sniffer robert owen thomas (May 04)
  - Re: Detecting a sniffer Perry E. Metzger (May 04)
  - pm speaks too soon Dr. Frederick B. Cohen (May 04)
    - Re: pm speaks too soon Perry E. Metzger (May 04)
    - Re: pm speaks too soon Jeffrey Russell Horner (May 04)
  - HP-UX Explotation/Repair/Info scripts sysec () BIX com (May 04)
    - Re: HP-UX Explotation/Repair/Info scripts Nathan Lawson (May 04)
    - Re: HP-UX Explotation/Repair/Info scripts ice9 (May 04)
    - Re: HP-UX Explotation/Repair/Info scripts Michel Lavondes (May 05)
    - SIGNOFF bugtraq Karl Kamin (May 05)