Unix/Linux Go Back    


UNIX for Dummies Questions & Answers This forum is closed for new posts. Please post beginner questions to learn unix and learn linux in this forum UNIX for Beginners Questions & Answers

Curious

UNIX for Dummies Questions & Answers


 
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 02-28-2003   -   Original Discussion by skotapal
skotapal's Unix or Linux Image
skotapal skotapal is offline
Registered User
 
Join Date: Aug 2002
Last Activity: 18 October 2007, 7:47 PM EDT
Location: Philadelphia, PA
Posts: 75
Thanks: 0
Thanked 0 Times in 0 Posts
Unix or Linux Question Curious

Dear All
I am curious to know, that in a system compromise, when someone has access to a box, does that individual have access to a shell on the system, i.e. the person is logging into the system using telnet or SSH to remotely access the box?? How does this individual/ hacker access the system. I know it is dumb question, but please someone clarify this to me.

Also could someone direct me to a site that explains backdoors in detail? What are they, how to detect, etc.

Thanks

KS
Sponsored Links
    #2  
Old Unix and Linux 02-28-2003   -   Original Discussion by skotapal
RTM's Unix or Linux Image
RTM RTM is offline Forum Advisor  
Registered User
 
Join Date: Apr 2002
Last Activity: 16 August 2017, 7:13 PM EDT
Location: On my motorcycle
Posts: 3,093
Thanks: 1
Thanked 34 Times in 9 Posts
To your last question of the group...

Quote:
The permenance of these backdoors will depend completely on the technical saavy of the administrator. The experienced and
skilled administrator will be wise to many (if not all) of these backdoors. But, if you have managed to steal root, it is likely the
admin isn't as skilled (or up to date on bug reports) as she should be, and many of these doors may be in place for some time
to come. One major thing to be aware of, is the fact that if you can cover you tracks during the initial break-in, no one will be
looking for back doors.
Taken from hackers playground

To find out more and to understand it all requires a system administrator to know how to hack a system - just as the best investigators know the mind of a criminal, a sysadmin must know the mind of a hacker. Do a search on goggle and read as much as you can.

Sponsored Links
    #3  
Old Unix and Linux 02-28-2003   -   Original Discussion by skotapal
LivinFree's Unix or Linux Image
LivinFree LivinFree is offline Forum Advisor  
Goober Extraordinaire
 
Join Date: Jul 2001
Last Activity: 16 June 2011, 4:50 PM EDT
Location: Portland, OR, USA
Posts: 1,626
Thanks: 2
Thanked 15 Times in 13 Posts
A Backdoor can be via telnet, ftp, ssh, a netcat listener, a custom process, or just about any other net-aware process out there. Some holes that have been used in the past were actually executed through the Sendmail daemon, or via an insecure web cgi.

My favorite place for up-to date security information (and research on past issues) is Bugtraq. You can subscribe to the list, or browse via www.securityfocus.com .

Also, keep in mind it may be near impossible to find someone once they're in. For example, many of the Linux Rootkits floating around modify the system in a way the ls doesn't really show all files, ps doesn't show all processes, lsmod doesn't show all modules loaded. Can you imagine trying to search for "clues" when ls, ps, lsof, find, lsmod, etc etc have been modified? Ick.
Sponsored Links
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Curious GQiang Shell Programming and Scripting 2 07-28-2011 01:51 AM
Curious about the -9 pflickner UNIX for Dummies Questions & Answers 3 11-17-2010 12:48 AM
curious kurosaki Shell Programming and Scripting 6 09-29-2008 09:54 AM
Curious? River Freight Linux 1 10-07-2007 03:40 PM



All times are GMT -4. The time now is 07:57 AM.