Net Manager
Network Managing, Engineering and Administration with an eye toward security.

Best practices meets the real world!


Tuesday, December 02, 2003  

Well, the results are in: LWN: Debian Investigation Report. Sure looks interesting, they used a sniffed password to login to a box, then use a local privilege escalation attack to get root and install a root-kit. This was done on more than one machine, and they used a comprimised account to attack another machine. This is a very interesting attack and well described as to how it happened, but there are a few questions. How was the password sniffed? Why did a known vulnerability not get patched (not just a Debian problem -- Red Hat, Suse et all were affected)? Interesting information....

posted by David | 12/02/2003 01:19:00 PM

0 Comments:

Post a Comment

<< Home
links
Net Manager Blog
Cockatiel Lair

cNet News
eWeek
cNet
InterNet Week
Network World
Information Week
Security Focus
SANS InfoSec Reading Room
CERT
SlashDot
GrokLaw
NewsForge
LWN.net
Linux Journal
Linux Today
Linux Gazette
The Register

Internet Storm Center
DShield
Internet Health Report
Global Instability
SamSpade DNSBLomatic
Virus Encyclopedia
Symantec Anti-Virus
TMS - Symantec
McAfee
Sophos Top Ten

Security Tracker
Hacker Toolkit
Security-Forums
PacketStorm
Phrack
Astalavista
Interhack
RootKits
Knoppix
Knoopix STD
News Links
CNN Online
MSNBC News
CBS News
ABC News
FOX News
USA Today
The Miami Herald
The Washington Post
The New York Times
BBC News
The Guardian
Canada's CBC
Austraila's ABC
Blog Links
IT Blogs
Just Another Geeks Blog
The Lost Olive
CyberCrime Archives
DataCom Guy
One Man I.T.
Geek Style
Pete's Perfect World
TechDirt
archives



contact
You can contact me at: security.networking (at) gmail.com

My Personal Home Page is: LAN Technican.

The views expressed on this site are mine alone and do not necessarily reflect the views of my employer.
Site Feed

PicoSearch

Reading blogs at work? Click to escape to a suitable site!
Get Firefox

Site Meter

Powered by Blogger