TUCoPS :: Truly Miscellaneous :: security.txt

-Security Holes-
 

-Security Holes-
by Virtual Circuit and Psychotic

With all the technology increasing each day systems are getting broken into
nearly every minute. Of course this is good for hackers but it is a growing
problem for server-owners and domain-owners, etc. I hope to enlighten you
toward a few security flaws and holes. 

The Physical Security Holes and Physical Security Flaws-

A good example of a physical security hole would be an ISP admin giving
access to other people or leaving a backup tape around and somebody gets a
hold of it. Physical security flaws seem like they would be easy to avoid
but simple mistakes like those cause security flaws. These type of security
holes can be avoided by choosing a good staff and just taking proper
precautions when transfering files and other confidential objects and
passwords.

--Software Security Holes and Flaws--

These type of security holes are much more common and they are a little bit
harder to avoid. People find new bugs or exploits nearly everday. To list a
few: Sendmail, Pine, Pkgtool, Umount, Ftpd, etc.

sendmail - obtain root with sendmail 8.6.12 locally
pine - become users who use pine using tmp files
pkgtool - become root or using pkgtool tmp files
umount - obtain root with umount bug on FreeBSD
ftpd - grab the root password after a ftpd core dump


Sendmail and Pine are two of the most common software holes or exploits. 

Sendmail - A UNIX server must run some SMTP program, normally sendmail. The
program receives mail by using the POP protocol and connects to a POP
server (normally a UNIX computer) via TCP/IP.

Pine - UNIX or PC client reading/sending mail via either the IMAP procotol
or by using UNIX  functionality, i.e. the UNIX computer receives mail by
using the SMTP daemon and puts it in a spool-area where Pine fetches the
mail. SMTP functionality depends on the SMTP implementation, normally the
Sendmail program. A server for the IMAP protocol is normally a UNIX
computer.

New holes like this appear all the time, and your best hopes are to:

  a: try to structure your system so that as little software as possible
  runs with root/daemon/bin privileges, and that which does is known to
  be robust.

  b: have people test your system to see if you should upgrade to qmail or find another mail client.

Usage Security Holes and Flaws-

 "Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole."
-Computer Security FAQ-

Problems like these are a pain to find once a system is set up and
running, so it is better to build your system with them in mind. .

To Conclude-

I hope that I have enlightened you toward a few of the security flaws. The
only way to stop problems like these is to hire Psychotic to test the
security on your business :) I had to throw that in somewhere. 

This text was in no way intended for hackers(we've writen enough for all
you people), we wrote this text out of a most of our experiances with
breaking into systems........................ the only safe system is one
that's been turned off(words to live by).

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH