[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: Inherited & RO Filesystems
From: Brett Lymn <blymn () awadi ! com ! au>
Date: 1996-06-25 13:25:22
[Download RAW message or body]
According to der Mouse:
>
>You don't need that; all you need is to drop the stuff somewhere local
>and then NFS-mount localhost:/some/where/writable on /where/you/want.
Hmmmm you mean you are willing to keep the NFS stuff in the kernel on
a firewall machine? Personally, I trashed that along with every other
option in the kernel - only putting back the ones that made the sucker
work. If the kernel won't support NFS they won't be able to implement
the trick. I suppose they could to the same with a local file system
but that would be a bit trickier to do without being noticed ;-)
>But of course neither one will stay in place upon reboot, and as an
>admin, I'd much prefer a system that needed just a reboot to clean it
>of intruder damage than one that had to be reinstalled off backups.
>
Amen, brother.
>With BSD, you have the additional benefit that the mount list is kept
>in the kernel, so to hide your mount you have to trojan mount as well
>as whatever else - one more thing for the attacker to get wrong....
>
IMHO the harder you make the cracking activity, the more likely it is
they will make a mistake. Besides it certainly will weed out the
script jockeys that fancy themselves as crackers....
--
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
==============================================================================
"Upgrading your memory gives you MORE RAM!" - ad in MacWAREHOUSE catalogue.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic