How can someone hack into a Linux server ?


 
Thread Tools Search this Thread
Special Forums Cybersecurity How can someone hack into a Linux server ?
# 8  
Old 07-01-2013
Quote:
Originally Posted by Scrutinizer
What services do you use, what ports do you have open? If you are not using a web server what is the account www-data for? Any service that is running on the server and that can be approached from the Internet by some port number, can be used for a hack and can be vulnerable. If there is a weakness in a service / daemon, than an attacker could potentially acquire the access rights of the user that is used to run that daemon, bypassing any strong password authentication you might have in place..
I use lighthttpd.
# 9  
Old 07-01-2013
Here you can check its vulnerabilities:Lighttpd : Products and vulnerabilities Next up would be to examine the application running on lighttpd.
# 10  
Old 07-01-2013
Quote:
To brute-force my root account 506938 times they will need 253469 IP's cause they get permanently banned after 2 failed login attempts, but even if they did, my password is over 30 randomly generated characters long including upper + lower case letters, numbers, symbols and brackets.
This kind of paranoid security can be used against you in a pretty effective denial-of-service. If someone wants to lock you out of your machine, failing two logins can do it.
# 11  
Old 07-01-2013
Quote:
Originally Posted by Corona688
This kind of paranoid security can be used against you in a pretty effective denial-of-service. If someone wants to lock you out of your machine, failing two logins can do it.
Easier said than done, they will first need to have access to my PC to do that and even if by some miracle someone decides to do that my internet IP is dynamic so i can just reconnect to the internet and reset the ban Smilie or log in from my phone and reset the ban.

This aren't really the answers i am looking for though, would be nice if you guys can tell me other ways an external attacker could get in my machine or what to do to better secure it.
# 12  
Old 07-02-2013
Good that you have a backup plan, but test it very VERY thoroughly; worst case, if your scripts misbehave, you may be forced to physically login to the machine to correct it. Even best-case, your ban lists may grow enormous and unwieldy.

To know every possible way they could get into your machine, would be to call internet security a completely solved problem, which obviously it is not. We don't have total knowledge of your configuration, and we cannot tell the future.

Keep in mind that they do not have to crack your box to use it. Even if they just abuse your CGI scripts to copy a few files into /tmp/ then run them, they may have accomplished enough for their purposes -- using your box as a springboard to crack other boxes, running suspect services on nonstandard >1024 ports, etc.

Not allowing your webserver write-access to anywhere that allows files to be executed can be helpful in preventing this. (see 'noexec' flag for mounting filesystems). A firewall that's paranoid about outgoing and incoming connections can also limit what they're able to do with whatever they manage to exploit.

Last edited by Corona688; 07-02-2013 at 12:43 PM..
# 13  
Old 07-09-2013
May be a root kit been hidden inside any file which you have copied from any source, you can just run a rootkit scan on the over all file system to look any thing interesting poped up .
# 14  
Old 07-09-2013
Quote:
Originally Posted by shiek.kaleem
May be a root kit been hidden inside any file which you have copied from any source
Would this include rootkit scanners?
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. Homework & Coursework Questions

Configure the AD Window server with Linux server(google Authenticator is installed)

Hi my name is Manju. ->I have configure the two way authentication on my linux server. ->Now I am able to apply two way authenticator on particuler user. ->Now I want to map this linux server to my AD server. ->Kindly tell me how to map AD(Active Directory) with this linux server. ... (2 Replies)
Discussion started by: manjusharma128
2 Replies

2. Red Hat

Hack a centos Linux box

HI, I have a Centos linux box and there is interface connect to internet. I stop the iptables in this box . After a few day , I find the linux box have been hacked and install some perl script into the box . Could anyone tell me how the hacker can login into the centos box without knowing... (1 Reply)
Discussion started by: chuikingman
1 Replies

3. IP Networking

how to hack linux driver to delay incoming packets

hello, can anyone suggest how to delay the incoming packets ?? or how the packets are prossed inside the kernal and a way to make the packets wait a while?? it wud be vry helpful regards sameer (7 Replies)
Discussion started by: sameer kulkarni
7 Replies

4. Solaris

tty hack

hi all, what i want to do when user open terminal like tty5 and do his work i want to see his terminal how can i do this (1 Reply)
Discussion started by: xxmasrawy
1 Replies

5. UNIX for Dummies Questions & Answers

Hack CPU Utilization

Hi friends, I am currently working on an issue where i should write a program which utilizes Cpu as specified by the user. The function should be provided with an argument ( how much percentage of CPU has to be utilized by the process ) for example CPU(75) should utilize 75% of CPU. The function... (11 Replies)
Discussion started by: nerdychandru
11 Replies
Login or Register to Ask a Question