Full Disclosure mailing list archives

Re: No shell => secure?


From: daniel uriah clemens <daniel_clemens () autism birmingham-infragard org>
Date: Fri, 9 Jul 2004 14:29:56 +0000 (GMT)

This is not security through obscurity. This is security through
incompatibility. The point of the idea is to make it necessary for an
attacker to rewrite an exploit for my system specifically. This is
something that over 99% of the potential attackers would not do, because
they don't care about my system. When you have an exploit that works
against all the RedHat boxes on the Internet, would you bother to
customize it so that it works against one single server of one single
random weirdo? It's not worth it.


Of course it's worth it if your box IS the target!


Think about it this way. I create my own operating system. It's based on
the Linux kernel and common Unix programs, but it uses different paths for
everything. This operating system is only used by a single person on this
planet. Will anyone bother to rewrite exploits to work against this
system?


Once again... if you're the target - yes.

And I repeat that I'm NOT talking about people who want to attack this
system specifically. I'm talking about people/worms that scan IP ranges
for vulnerable systems to run standard exploits against.

But 3 paragraphs above you state the opposite twice.
As for standard exploits, there are no standard exploits. Each exploit
writer is going to write his/her exploits a bit differently.

There are people who argue that the reason why there are fewer worms that
target Linux than Windows is not Linux's superior security but its lower
popularity compared to Windows. If all you care about is to get a huge
bot-net with minimum effort or maximum damage with minimum effort, you
target the most popular systems only.

======================
I tell you now that I've been running a Linux server for the past 5 years,
which I have set up so that all of my paths start with /root, i.e.
/root/bin, /root/usr/bin, /root/etc,...
Although I've been DOSed and some services have been crashed, I have not
been rooted a single time during those 5 years.


That you know of. Why don't you tell us that you aren't running any
services on the box also. How many shell accounts have you given out on
your Linux box in the last 5 years?

It's far easier to lock down a Linux/Unix box via login.conf, your
partitions and simply some gosh darn good admining of the box than to say
since I run Linux and haven't been owned it's a better box. The statement
to state that may or would more accurately paint the picture of what
threats you have been stepping away from by using Linux might be 'I have
been running Linux for 5 years, with 5000 shell accounts on the box and
since I'm worried about the threat of a localhost compromise I locked down
users to a particular partition and locked down what libraries those users
can use..and this makes Linux better than xyz because it's way easier to do
that..'


I claim that the reason why I was never rooted is my special setup. It has
made all of the exploits against Linux boxes that were used in the past 5
years non-functional against my system (aside from the DOS/crash aspect).

I would say that is a pretty arrogant statement. If I am a hacker and want
to hack your box with popping a shell from a buffer overflow it's just as
easy to try /weirdopath/bin/sh as it is to try /bin/sh.


To prove that my claim is incorrect you'll have to point me to an ACTUAL
EXPLOIT/WORM/VIRUS (or report about such an exploit) ACTUALLY USED during
the past 5 years that would have worked WITHOUT CUSTOMIZATION against my
system.
======================

I can hear Happy Gilmore now... SHAMPOO IS BETTA!

Fortunately this will not happen. The standards you mentioned protect me
against this. RedHat, SuSE,... can not implement this method, because they
can not break standards. This is a method that can only be implemented by
random weird individuals such as myself.

Yeah, try using your weird operating system on an enterprise network and
see how useful it is when you have to apply a patch.


-Daniel Uriah Clemens

Esse quam videra
                (to be, rather than to appear)
                     -Moments of Sorrow are Moments of Sobriety
                      { o)2059686335             c)2055676850 }
