[NTLUG:Discuss] crackers

Kelly Scroggins kelly at cliffhanger.com
Fri Aug 27 11:46:55 CDT 1999 

I've been watching this thread with great interest as I am new to linux and
firewalls.

The suggestion for a mock-up intruder is a great one.  I would be very interested in
participating.  It's a great opportunity to learn as well as test ones own system.

The comment regarding the trustworthiness of the individuals is a valid one.  Are
there any ideas on validating the "test cracker"?

I think we should be able to work this out and make it fly.  I'd like to do whatever
I can to help.  Being my experience is minimal, any menial task is okay with me.

kelly



Rusty Haddock wrote:

> Daniel Shipman wrote:
>     >
>     >Dan Carlson wrote:
>     >>
>     >> Be sure to change your issue message so that it doesn't indicate that you
>     >> are running linux and what version you are running.  Leaving the default
>     >> message makes it easy for crackers to target known weaknesses in each
>     >> distribution and version.
>     >
>     >Where do I do this at?
>     >Right now when you telnet in it says:
>     >
>     >Red Hat Linux release 5.2 Apollo
>     >Kernal 2.0.36 on an i586
>     >
>     >This is wayyyyyy more info than I want to have out there
>
> This information, for connections via the net just prior to the actual
> login (via rlogin/telnet/etc), is in /etc/issue.net and this file is
> initialized at boot time by /etc/rc.d/rc.local.
>
> /etc/issue is basically the same information but is used by logins at the
> machine's console.
>
> I suggest one of the following sequences be used in it's place:
>
>     Microsoft DOS Version 6.22
>     On an Intel i286 at 6-MHz
>
> or
>
>     Compaq/Digital VAX/VMS
>     Version 7.3
>
> or maybe even
>
>     Tandy/Radio Shack
>     TRS-80 Level II Basic
>
> For man pages
> See also:
>         issue(5)
>         motd(5)
>         login(1)
>
> Have fun!
>
>         -Rusty-
>
> P.S.  Foolishness and kidding aside, regardless of the pre-login display,
>     if you open your system to the outside world NEVER, NEVER, NEVER, EVER
>     use the word "Welcome" in such a message.  That is basically a LEGAL
>     invitation for the loginee to DO AS THEY PLEASE per a number of court
>     decisions back in the late 80's simply because of the use of the word
>     WELCOME.
>
>     Digital Equipment, for one, fought that puppy back then against
>     some crackers that broke into some of their systems.  Their login
>     prompt used to be:
>
>         Welcome to VAX/VMS
>         Username:
>
>     Digital Equipment (now Compaq) lost their battle.
>
> --
>    _____        Rusty Haddock  ##  KD4WLZ  ##  rusty at fe2o3.lonestar.org
> |\/   o \   o
> |   (  -<  O o  I planted my antenna farm and what popped up was aluminum
> |/\__V__/       and copper tubing.  Strange thing is... I used steel seeds!
>
> _______________________________________________
> http://ntlug.org/mailman/listinfo/discuss

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Work like you need the money
Love like you've never been hurt
Dance like nobody's watching
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--

More information about the Discuss mailing list