Full Disclosure mailing list archives
Re: No shell => secure?
From: daniel uriah clemens <daniel_clemens () autism birmingham-infragard org>
Date: Fri, 9 Jul 2004 14:29:56 +0000 (GMT)
> This is not security through obscurity. This is security through incompatibility. The point of the idea is to make it necessary for an attacker to rewrite an exploit for my system specifically. This is something that over 99% of the potential attackers would not do, because they don't care about my system. When you have an exploit that works against all the RedHat boxes on the Internet, would you bother to customize it so that it works against one single server of one single random weirdo? It's not worth it.

Of course it's worth it if your box IS the target!
> Think about it this way. I create my own operating system. It's based on the Linux kernel and common Unix programs, but it uses different paths for everything. This operating system is only used by a single person on this planet. Will anyone bother to rewrite exploits to work against this system?

Once again... if you're the target - yes.
> And I repeat that I'm NOT talking about people who want to attack this system specifically. I'm talking about people/worms that scan IP ranges for vulnerable systems to run standard exploits against.

But 3 paragraphs above you state the opposite twice. As for standard exploits, there are no standard exploits. Each exploit writer is going to write his/her exploits a bit differently.
> There are people who argue that the reason why there are fewer worms that target Linux than Windows is not Linux's superior security but its lower popularity compared to Windows. If all you care about is to get a huge bot-net with minimum effort or maximum damage with minimum effort, you target the most popular systems only.
>
> ======================
>
> I tell you now that I've been running a Linux server for the past 5 years, which I have set up so that all of my paths start with /root, i.e. /root/bin, /root/usr/bin, /root/etc,... Although I've been DOSed and some services have been crashed, I have not been rooted a single time during those 5 years.

That you know of. Why don't you tell us that you aren't running any services on the box also. How many shell accounts have you given out on your linux box in the last 5 years? It's far easier to lock down a linux/unix box via login.conf, your partitions and simply some gosh darn good admining of the box than to say since I run linux and haven't been owned it's a better box. The statement that may or would more accurately paint the picture of what threats you have been stepping away from by using linux might be 'I have been running linux for 5 years, with 5000 shell accounts on the box and since I'm worried about the threat of a localhost compromise I locked down users to a particular partition and locked down what libraries those users can use.. and this makes linux better than xyz because it's way easier to do that..'
> I claim that the reason why I was never rooted is my special setup. It has made all of the exploits against Linux boxes that were used in the past 5 years non-functional against my system (aside from the DOS/crash aspect).

I would say that is a pretty arrogant statement. If I am a hacker and want to hack your box by popping a shell from a buffer overflow, it's just as easy to try /weirdopath/bin/sh as it is to try /bin/sh.
> To prove that my claim is incorrect you'll have to point me to an ACTUAL EXPLOIT/WORM/VIRUS (or report about such an exploit) ACTUALLY USED during the past 5 years that would have worked WITHOUT CUSTOMIZATION against my system.
>
> ======================

I can hear Happy Gilmore now... SHAMPOO IS BETTA!
> Fortunately this will not happen. The standards you mentioned protect me against this. RedHat, SuSE,... can not implement this method, because they can not break standards. This is a method that can only be implemented by random weird individuals such as myself.

Yeah, try using your weird operating system on an enterprise network and see how useful it is when you have to apply a patch.

-Daniel Uriah Clemens
Esse quam videri (to be, rather than to appear)
-Moments of Sorrow are Moments of Sobriety
{ o)2059686335 c)2055676850 }

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html