[rescue] irix insecurity (was: Sparcstation 2 help! Please)

[Greg A. Woods]

[ On Sunday, September 23, 2001 at 23:02:15 (-0400), Patrick Giagnocavo wrote: ]
> Subject: Re: [rescue] irix insecurity (was: Sparcstation 2 help! Please)
>
> Am I wrong about that?  This does assume that the local users are not
> trying to hack the box - that would take a little longer to secure.  In
> some cases my users only need scp, thus, I would disable shell logins.

Yes, if you shut down all the services you don't need, and all the
servers you are running are updated to current versions or replaced by
better and up-to-date freeware versions that are thought to be secure,
and you have full trust of all local users, and maybe you also firewall
all the ports not running official services just to be sure nothing
insecure that accidentally gets started can be connected to, then you
should have a reasonably good chance of surviving any remote attacks.

The problem though with the likes of IRIX and all it's local
vulnerabilities is that should anyone crack through one of your services
and get shell access, even as "nobody", you're likely going to end up
with a root-ed box in no time flat, and big danger there, besides to the
local data and services of course, is that now they've got root access
to a box on the inside of your (first) firewall, which gives them a lot
better chance of cracking your next server....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods at acm.org>     <woods at robohack.ca>
Planix, Inc. <woods at planix.com>;   Secrets of the Weird <woods at weird.com>