BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] automatic daemon restarts

Subject: [Discuss] automatic daemon restarts
From: blu at nedharvey.com (Edward Ned Harvey (blu))
Date: Tue, 16 Sep 2014 23:00:54 +0000
In-reply-to: <20140916173316.GK10429@dragontoe.org>
References: <5411058F.6010208@gmail.com> <li6a9669ml8.fsf@panix5.panix.com> <CAAbKA3UY2m42=Uzd=3FHfsskkTXfEzYq-qWf9DfA7y1P7QAOYQ@mail.gmail.com> <li67g184ybi.fsf@panix5.panix.com> <746ca932f9f04b02a7d1e57db3ec9b69@CO2PR04MB684.namprd04.prod.outlook.com> <5417215A.4020104@gmail.com> <541748EA.80201@gmail.com> <ebe8a1abe2c842d5b9f78788750e4307@CO2PR04MB684.namprd04.prod.outlook.com> <20140916173316.GK10429@dragontoe.org>

> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Derek Martin
> 
> 1. An attacker of your site is able to exploit a vulnerability to
>    upload a custom malicous loadable module for your managed service,
>    but can not otherwise gain access to a shell or the filesystem.
> 
> 2. The same attacker is also able to exploit a separate bug to cause
>    the server to crash.

You receive notification that your production server is down, and your customers are being unserved and your business is losing $10k per minute.

Are you going to checksum all of your system binaries before starting the service manually?

Of course nothing is foolproof, but the above scenario is what selinux & apparmor & ilk are designed for.  Identify and prevent processes that behave inconsistently with their normal programming.

Follow-Ups:
- [Discuss] automatic daemon restarts
  - From: gcmarx at gmail.com (Gordon Marx)

References:
- [Discuss] SysVinit vs. systemd
  - From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] SysVinit vs. systemd
  - From: smallm at panix.com (Mike Small)
- [Discuss] SysVinit vs. systemd
  - From: bill.n1vux at gmail.com (Bill Ricker)
- [Discuss] SysVinit vs. systemd
  - From: smallm at panix.com (Mike Small)
- [Discuss] SysVinit vs. systemd
  - From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] SysVinit vs. systemd
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] automatic daemon restarts
  - From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] automatic daemon restarts
  - From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] automatic daemon restarts
  - From: invalid at pizzashack.org (Derek Martin)

Prev by Date: [Discuss] automatic daemon restarts
Next by Date: [Discuss] automatic daemon restarts
Previous by thread: [Discuss] automatic daemon restarts
Next by thread: [Discuss] automatic daemon restarts
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.