Buffer overflow attack ?
Kostas Gewrgiou
gewrgiou at imbc.gr
Mon Aug 30 02:51:46 EEST 1999
On Sun, 29 Aug 1999, Spiros Bolis wrote:
> At 02:35 μμ 29/8/1999 , you wrote:
> >Gia apache 1.3.6 pithanon ontws na sou ekanan buffer overflow opws epishs
> >kai an xrhsimopoieis netscape server pou exoun "100% problem.
> Sketo Apache 1.3.6 apo RPMs .
>
Ean koitakseis to request pou steilane tha prosekseis to .htr sto telos,
pou ean thymamai kala einai ena palio bug gia IIS, psakse stis sxetikes
listes gia to post apo tin eeye (den thymamai kai toso kala).
Den xreiazetai na anysixis lipon, kapio script kiddie pithanotata einai
(pios allos tha dokimaze hack gia IIS se apache). Vevaia ean exeis mixanima
me IIS ekei gyro kai xoris ta patches gia auto to buffer overflow tote
na arxiseis na trexeis.....
> >Oso gia to an
> >petyxe to stoxo tou , tha mas bohthouses perissotero an ekanes ena
> >netstat -a |grep LISTEN gia na doume an yparxei kapoio open port created
> Ta mona poy den 3erw einai ta services stis portes 1000toso poy einai
> non-priviledged bebaia, alla eimai mesa me telnet, trexei kai o web server
> opote isws einai kapoio port forwarding. To 1004 me anhsyxei ligo [to 6000
> einai kapoio ODBC-sxetiko h h MySQL , de thymamai sigoyra]
>
Tha toniso oti genika einai ASXIMI idea na stelneis plirofories gia to
mixanima sou se public listes, diladi ean sou zitaga to root password gia
na do ean petyxe to script kiddie me to exploit tha to estelnes ??????
Skepsou oti autos pou dokimase na bei sto mixanima sou borei na einai
kai se autin tin lista (xoris na thelo na thikso kanenan) h kapios allos
tha apoktisi arketes plirofories gia to setup sou oste na dokimasei na bei.
Skepsou lipon tin epomeni fora prina kaneis kati viastika.....
>
>
> >meta to attack h koitaxe epishs mhpws exoun peiraxtei login,telnetd kai
> >alloi daemons (Use tripwire kanei douleia)
>
> Eida ligo ta RPMs kai de moy fanhke tipota peiragmeno. Twra fysika den exei
> nohma na balw to tripwire giati den eixw checksums apo prin. Ta logs (last,
> daemons k.o.k) poy eida den exoyn tipota periergo alla fysika borei na
> exoyn alloiwthei. (Twra ektimw thn odhgia toy tripwire poy leei "krata th
> database se safe medium px. disketa")
Ta checksums einai xrisima, pantos kapios pou bike sto mixanima sou tha
borouse aneta na frontisei oste ta allagmena arxeia na exoun akoma ta idia
checksums opote den einai kati pou boreis na stirixtis epano tou.
Auto den simenei oti to tripwire einai axristo, apla pote min theoriseis
oti mias kai to tripwire den paraponethike oti eisai secure.
H database tou rpm exei checksums episis, opote boreis na kaneis enan
elenxo kai apo ekei... rpm --verify xxxxxxx
>
> >Auta gia perissotera infos me personal e-mail....
> >Euxaristw
> >
> >Reply on : Cyberia at hack.gr
>
> O,ti idees exeis poly eyxaristws tha ithela na tis diabasw alla apo th
> stigmh poy esteila mail sth lista isws endiaferei kai ta alla paidia opote
> protimhsa na apanthsw sth lista
>
> kai.....egw eyxaristw :-) ,
>
>
> Spiros D. Bolis
Kostas Gewrgiou.
--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr/archives
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users at hellug.gr
====================================================================
More information about the Linux-greek-users
mailing list