Well, it wasn't mine, but a friend's firewall box (i486 running Slackware) was recently cracked (notice that I used the proper term). Anyway, his system was supposedly tied down pretty good. All exterior facing services were additionally shunted by ipchain rules, yet someone still managed to get on and start unpacking a rootkit of some kind.

Fortunately the kit was tailored for RedHat, and that's how he detected that he had been violated. A lot of system binaries (ls, df, login) were replaced, and because they were RedHat built they didn't work on his Slackware system. I'm not sure of the exact details but...

Assuming he had a good firewall configuration, does anyone have hints on what exploits the cracker may have used to get access? Has anyone heard of exploits regarding Linksys or other popular cable firewalls?

- Christoph