Bugtraq mailing list archives
Re: HP-UX Explotation/Repair/Info scripts
From: ice9 () paranoia com (ice9)
Date: Thu, 4 May 1995 20:30:57 -0500 (CDT)
I Will be soon changing some SunOS platforms to HP-UX and I feel like lost from the security point view wich I always s tudied on the Sun machines. I would like if possible any kind of explotaion scripts , detailed information, etc about existing HP bugs. HP folks sa y not to worry "HP-UX is the most secure", I don't beleive them... Any help will be very appreciated..Try formatting for something around 80 columns. Not to be too rude, but the "lameness" meter twitches around ten each time you post or send a message. I am sure most people ignore your idiocy on comp.security.unix, but it's getting very annoying.
Jesus! Do you know this guy, or do you reply to everyone in this manner?
To answer your question, no, HSUX is not the most secure nor the most insecure. I have seen numerous root holes (i.e. vhe_u_mnt), remote holes (i.e. mountd bugs), and the like. With 10.0 purporting to be more 'standard' like other systems and depending on NFS and NIS, there will surely be a new variety of holes to examine. Every Unix has its own variety of holes and there is no one set of holes that covers them all.
I think he is aware of that fact, hence the question...
The way you ask questions is at the same level of a skr1pt hacker. If you were a hacker instead of a 'security professional', I can imagine you sitting on IRC saying "D0od!#$@ GiMMe SuMma DoZe AyCH-PeE skR1pZ!" I don't think this is the best way to get help with your questions, so instead of bursting into a forum with dumb questions, read the list for a while and search the archives for past answers to those with the same inclination as yourself.
Last time I checked, I thought this list had a more professional atmosphere.. It seems to me that while his question was rather vague, it WAS a valid concern. Looks to me like he's looking for general info. Not EVERYONE can be quite as eloquent as you when posting to a list. However, I hope in the future that others do not follow the example that you've just set! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ice9 () paranoia com http://www.paranoia.com/~ice9 My opinion may not reflect that of any living person, but its the only one that counts!! main() {for(;;fork());} =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Current thread:
- Re: Detecting a sniffer, (continued)
- Re: Detecting a sniffer Mark Owens (May 02)
- Re: Detecting a sniffer Brett Lymn (May 03)
- Re: Detecting a sniffer Jim Seymour (May 03)
- Re: Detecting a sniffer robert owen thomas (May 04)
- Re: Detecting a sniffer Perry E. Metzger (May 04)
- pm speaks too soon Dr. Frederick B. Cohen (May 04)
- Re: pm speaks too soon Perry E. Metzger (May 04)
- Re: pm speaks too soon Jeffrey Russell Horner (May 04)
- HP-UX Explotation/Repair/Info scripts sysec () BIX com (May 04)
- Re: HP-UX Explotation/Repair/Info scripts Nathan Lawson (May 04)
- Re: HP-UX Explotation/Repair/Info scripts ice9 (May 04)
- Re: HP-UX Explotation/Repair/Info scripts Michel Lavondes (May 05)
- SIGNOFF bugtraq Karl Kamin (May 05)
- Re: Detecting a sniffer Mark Owens (May 02)