Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

My firewall was cracked!



One other thing well I'm thinking about it.  You may want to have your
friend check out Nessus, its a great open source network scanner.

Anthony

On Wed, 21 Feb 2001, Christoph Doerbeck A242369 wrote:

> 
> Well, it wasn't mine, but a friends firewall box ( i486 running Slackware )
> was recently cracked (notice that I used the proper term).
> 
> Anyway, his system was supposedly tied down pretty good.  All exterior
> facing services were additionally shunted by ipchain rules,
> yet someone still managed to get on and start unpacking a rootkit
> of some kind.
> 
> Fortunately the kit was tailored for RedHat, and that's how he detected
> that he had been violated.  A lot of system binaries (ls, df, login) were
> replaced and because they were redhat built they didn't work on his
> slackware system.  I'm not sure of the exact details but...
> 
> Assuming he had a good firewall configuration, does anyone have hints on
> what exploits the cracker may have used to get access?
> 
> Has anyone heard of exploits regarding Linksys or other 
> popular cable firewalls?
> 
> - Christoph
> 
> 
> -
> Subcription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at blu.org (Subject line is ignored).
> 

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org