How can someone hack into a Linux server ? | Unix Linux Forums | Security

  Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

How can someone hack into a Linux server ?

Security


Tags
security linux hack compromise attack

Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 06-30-2013
ParanoiaUser ParanoiaUser is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 10 July 2013, 11:47 AM EDT
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Bug How can someone hack into a Linux server ?

Hi!

I have a debian linux VPS and i am wondering how would someone be able to hack into it , in what ways ?

I've asked a more knowledgeable friend and he said the only way someone would be able to get into my VPS is via FTP or SSH, are there some other ways someone can enter my machine ?

I have extremely strong passwords for all the accounts enabled and use fail2ban as well to ban SSH and FTP attackers.

I don't use apache,mysql,email accounts and update the server as often as possible.

Would appreciate if some of you guys could tell me, in what ways can my machine be compromised ?

Thanks.
Sponsored Links
    #2  
Old 06-30-2013
Just Ice's Avatar
Just Ice Just Ice is offline Forum Advisor  
Lights on, brain off.
 
Join Date: Mar 2005
Last Activity: 20 September 2013, 10:59 AM EDT
Location: Philadelphia metro
Posts: 958
Thanks: 3
Thanked 66 Times in 59 Posts
some go in with a smile and a hello ... really ... you also have to be careful with internal hackers who have access -- you have heard of snowden and manning, right?

also, see if you can have users use SFTP instead of FTP ... turn off all unnecessary services and remove all compilers ... run the security scans as well as the hardening tools regularly if possible ...
Sponsored Links
    #3  
Old 06-30-2013
ParanoiaUser ParanoiaUser is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 10 July 2013, 11:47 AM EDT
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
No other users have access to this VPS, only me, i have 3 accounts enabled, root,1user and www-data.

What security scans and hardening tools should i run ? I have very little knowledge about linux forgot to mention that!
    #4  
Old 06-30-2013
Just Ice's Avatar
Just Ice Just Ice is offline Forum Advisor  
Lights on, brain off.
 
Join Date: Mar 2005
Last Activity: 20 September 2013, 10:59 AM EDT
Location: Philadelphia metro
Posts: 958
Thanks: 3
Thanked 66 Times in 59 Posts
Moderator's Comments:
Deleted Links - Please Do Not Post Replies Which Are Only Links to Other Sites
Sponsored Links
    #5  
Old 06-30-2013
smiff smiff is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 4 October 2013, 4:09 PM EDT
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Anything open to access is part of the attack surface and can be attacked though whether this allows a successful hack is another matter.

The only way to secure a server is consider attacks and what you can do to prevent them.

In your case, you may have strong passwords, but are you going to know if someone tries your root account 506938 times with a brute force attack until they happen to find your password? Does your version of openssh have any security vulnerabilities that are remotely vulnerable? If you give someone else access, how do you know that they are changing things appropriately and not introducing vulnerabilities?
Sponsored Links
    #6  
Old 06-30-2013
ParanoiaUser ParanoiaUser is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 10 July 2013, 11:47 AM EDT
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
I am considering attacks, actually i have proof of them and that's why i am posting here, trying to find out how they can get in other than SSH and FTP.

I do regular updates of my server so as far as i know everything is patched, should be no vulnerabilities,also,no one else has access to the server.

To brute-force my root account 506938 times they will need 253469 IP's cause they get permanently banned after 2 failed login attempts, but even if they did, my password is over 30 randomly generated characters long including upper + lower case letters, numbers, symbols and brackets.

For comparison a 10 char password with upper + lower case letters and numbers has a bit over 107 Billion combinations so i wish them good luck if they try to brute-force their way in lol.

Thats why i've posted here though to find out other ways they can get in other than SSH or FTP login so i can take measures to stop them or reduce their chances of success.

Last edited by DukeNuke2; 06-30-2013 at 09:20 AM..
Sponsored Links
    #7  
Old 06-30-2013
Scrutinizer's Avatar
Scrutinizer Scrutinizer is offline Forum Staff  
Moderator
 
Join Date: Nov 2008
Last Activity: 2 September 2014, 10:38 PM EDT
Location: Amsterdam
Posts: 9,387
Thanks: 273
Thanked 2,349 Times in 2,108 Posts
What services do you use, what ports do you have open? If you are not using a web server what is the account www-data for? Any service that is running on the server and that can be approached from the Internet by some port number, can be used for a hack and can be vulnerable. If there is a weakness in a service / daemon, than an attacker could potentially acquire the access rights of the user that is used to run that daemon, bypassing any strong password authentication you might have in place..
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
how to hack linux driver to delay incoming packets sameer kulkarni IP Networking 7 03-15-2011 12:00 PM
tty hack xxmasrawy Solaris 1 10-11-2010 01:44 PM



All times are GMT -4. The time now is 12:37 AM.