[brluglist] root kits

[Shannon Roddy]

The book "hacking exposed" lists lots of stuff - I am not sure if there 
web site lists as much stuff, but I know it has links to the utilities 
that they use in the book.
Shannon
Dustin Puryear wrote:
<em>> Probably the best place to find links to root-kits and exploits is 
<em>> securityfocus.com. There are other places, but this is the best.
<em>>
<em>> Regards, Dustin
<em>>
<em>> john beamon wrote:
<em>>
<em>>> Well...I found something.  I made an offhand comment at Gatti's that may
<em>>> bear repeating.  I had an impression that lots of us talked about all
<em>>> these apps that were insecure and that we'd never touch, but none of us
<em>>> stepped up to demonstrate it for the crack meeting.  It was a joke, 
<em>>> but it
<em>>> was painfully true for yours truly.  Well, I think I hit the motherload.
<em>>>
<em>>> I did a little google searching on rootkits.  Lots of security warnings
<em>>> ABOUT rootkits, but it took me a half hour to find a link to download 
<em>>> one.
<em>>> I used its title for another search, and it led me to
<em>>> http://packetstorm.securify.com.  There's a sub under there,
<em>>> UNIX/penetration/rootkits, that made me pee in my pants.  I will be
<em>>> setting up a honeypot here soon with cd-only installs of Red Hat 6.2 and
<em>>> 7.x for my own studies.
<em>>>
<em>>> Granted, many of what we call "exploits" are the result of default or
<em>>> unwise configurations.  It takes one line, for example, to configure
<em>>> ProFTPd to jail users in their $HOME.  wu-ftpd takes two lines and a
<em>>> little simple /etc/group editing.  There are more keystrokes involved
<em>>> opening vi.  I think this page deserves a little peek from anyone 
<em>>> running
<em>>> anything as simple as a telnet or anon-ftp service on their
<em>>> internet-connected box.
<em>>>
<em>>> Who's ready for a crack meeting?
<em>>>
<em>>>
<em>>
<em>>
<p><p>================================================
BRLUG - The Baton Rouge Linux User Group
Visit http://www.brlug.net for more information.
Send email to majordomo at brlug.net to change
your subscription information.
================================================
<!-- body="end" -->
<hr noshade>
<ul>
<li><strong>Next message:</strong> Scott Harney: "Re: [brluglist] root kits"
<li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] WINE"
<li><strong>In reply to:</strong> Dustin Puryear: "Re: [brluglist] root kits"
<li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] root kits"
<li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] root kits"
<li><strong>Messages sorted by:</strong> 
[ date ]
[ thread ]
[ subject ]
[ author ]
[ attachment ]
</ul>
<hr noshade>

<small>
<em>
This archive was generated by hypermail 2.1.2 
: <em>Thu Sep 06 2001 - 11:10:54 CDT</em>
</em>
</small>
</body>
</html>