TUCoPS :: Unix :: General :: security.txt

Security Holes, by Virtual Circuit and Psychotic

-Security Holes-
by Virtual Circuit and Psychotic

With all the technology increasing each day systems are getting broken into nearly every minute. Of course this is good for hackers but it is a growing problem for server-owners and domain-owners, etc. I hope to enlighten you toward a few security flaws and holes. 

The Physical Security Holes and Physical Security Flaws-

A good example of a physical security hole would be an ISP admin giving access to other people or leaving a backup tape around and somebody gets a hold of it. Physical security flaws seem like they would be easy to avoid but simple mistakes like those cause security flaws. These type of security holes can be avoided by choosing a good staff and just taking proper precautions when transfering files and other confidential objects and passwords.

--Software Security Holes and Flaws--

These type of security holes are much more common and they are a little bit harder to avoid. People find new bugs or exploits nearly everday. To list a few: Sendmail, Pine, Pkgtool, Umount, Ftpd, etc.

sendmail - obtain root with sendmail 8.6.12 locally
pine - become users who use pine using tmp files
pkgtool - become root or using pkgtool tmp files
umount - obtain root with umount bug on FreeBSD
ftpd - grab the root password after a ftpd core dump


Sendmail and Pine are two of the most common software holes or exploits. 

Sendmail - A UNIX server must run some SMTP program, normally sendmail. The program receives mail by using the POP protocol and connects to a POP server (normally a UNIX computer) via TCP/IP.

Pine - UNIX or PC client reading/sending mail via either the IMAP procotol or by using UNIX  functionality, i.e. the UNIX computer receives mail by using the SMTP daemon and puts it in a                         spool-area where Pine fetches the mail. SMTP functionality depends on the SMTP                         implementation, normally the Sendmail program. A server for the IMAP protocol is                         normally a UNIX computer.

New holes like this appear all the time, and your best hopes are to:

  a: try to structure your system so that as little software as possible
  runs with root/daemon/bin privileges, and that which does is known to
  be robust.

  b: have people test your system to see if you should upgrade to qmail or find another mail client.

Usage Security Holes and Flaws-

 "Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole."
-Computer Security FAQ-

Problems like these are a pain to find once a system is set up and
running, so it is better to build your system with them in mind. .

To Conclude-

I hope that I have enlightened you toward a few of the security flaws. The only way to stop problems like these is to hire Psychotic to test the security on your business :) I had to throw that in somewhere. 
This text was in no way intended for hackers(we've writen enough for all you people), we wrote this text out of a most of our experiances with breaking into systems........................ the only safe system is one that's been turned off(words to live by).

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH