Re: [Someone hacking via gnome?]

[Mike Messmore <mesmd rhodes edu>]

On Tue, Aug 15, 2000 at 10:31:06PM -0400, Jesse F. Hughes wrote:
> Anthony Richardella <zorc3@netscape.net> writes:
> 
> > You might want to turn anonymous FTP off. There's the possiblity
> > that who ever it was could have grabbed your /etc/passwd file.
> 
> Can they really get anything useful there?  I just tried that myself,
> from another machine in my LAN.  I logged in anonymously and fetched
> the /etc/passwd file (really /home/ftp/etc/passwd, I guess).  It
> doesn't contain any non-generic user names or any passwords.  So can
> they really get anything harmful?
> 
> Is this a stoopid question?
> 
> Sorry, I know that this has strayed from the gnome topic a bit, but I
> appreciate any help ya'll can offer.  Feel free to tell me to go away.

This is way off topic now, but no, no one could get your /etc/passwd under
normal circumstances using a default setup anonymous ftp.  But someone could
break into your box using the recent wu-ftpd exploit, and obtain root if you
haven't updated wu-ftpd. The password file is a little pointless once you've 
got root.

This wasn't a sophisticated attack, though.  It looks like a vanilla connect() 
scan.  I recommend reading the Linux Administrator's Security Guide for more
general info on how to secure your computer since obviously someone is 
interested.

http://www.linuxdoc.org/LDP/lasg/lasg-www/
or
http://www.securityportal.com/lasg/

--mike messmore

> 
> -- 
> Jesse Hughes
> 
> "You see 300 of something, anything, and you go `[Man], that's a lot
> of stuff.'" -- Jim Bigler, quoted in the Pittsburgh Post-Gazette.
> 
> _______________________________________________
> gnome-list mailing list
> gnome-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/gnome-list

-- 

For if there is a sin against life, it consists perhaps not so much in
despairing of life as in hoping for another life and in eluding the
implacable grandeur of this life.
		-- Albert Camus