[NCLUG] Network configuration
J. Paul Reed
preed at sigkill.com
Thu Oct 26 01:06:54 MDT 2000
On 26 Oct 2000 at 00:54:46, Quent modified my mailspool to say:
> Of course; exactly! There is no panacea.
The problem is, stupid people (i.e. skr1p7 k1dd13s) think there is.
> If I run apache as root and someone can use CGI to get a shell, I can't
> expect the kernel to prevent bloody holes from appearing in my foot :-)
It's funny though... new Linux/BSD converts think it can, though, because
they don't know what they're doing (I'm applying this statement, again, to
the script kiddies who heard about this Linux-thing on IRC).
> It seems like most port scanning comes from boxes that have been cracked.
> The owners are usually unaware.
In this case, the kid was a script kiddie, and his "l33t' friend told him
that if he installed OpenBSD, he could do whatever he wanted w/o getting
caught.
I know... I called him.
I hate arrogant little jerks like that...
Of course, he was pretty shocked that I was talking to him on the phone...
but he was still too stupid to figure out how I did it... he thought I
called the cable company.
> I mentioned the stateful packet filter, ipf, but I think dynamic rules
> are something more. That would be very cool to have!
Well, I was talking about a stateful packet filter... I couldn't remember
what it was called. :-)
Later,
Paul
-----------------------------------------------------------------------
J. Paul Reed preed at sigkill.com || web.sigkill.com/preed
We're living in a world that's blowing itself to hell as fast as every-
one can arrange it. -- First Sgt. Edward Welsh, The Thin Red Line
More information about the NCLUG
mailing list