LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-13-2001, 10:11 AM   #1
ashis
LQ Newbie
 
Registered: Jun 2001
Posts: 11

Rep: Reputation: 0
Thumbs down in how many ways hacking is done


i want to know in details in how many ways hacking is done so that i can take steps to combat them . i have a linux redhat 7 os.also please suggest the ways to combat them.
thanks for ur time
ashis
 
Old 06-13-2001, 06:47 PM   #2
pnut028
LQ Newbie
 
Registered: May 2001
Posts: 3

Rep: Reputation: 0
protection?

unplug your computer, or just stay offline. Those are the two best ways. or you can cut shutdown all network processes with

PS -u(username) |grep inetd
take the number that reveals and
kill -9 (#)
 
Old 06-13-2001, 10:41 PM   #3
ashis
LQ Newbie
 
Registered: Jun 2001
Posts: 11

Original Poster
Rep: Reputation: 0
i do not want this solution.this is too much trivial.pliz let me know how a hacker start hacking . so far i know they get information about ports of my machines by portscanning. they attack from the port where sendmail or nameserver are working. how i can combat them? pliz anyone answer.


 
Old 06-14-2001, 03:56 AM   #4
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Ashis,

There isn't enough memory in my computer to type a long enough answer to your question.

It's something you'll have to read from books and pick up bit by bit, then when you've read loads all the bits you've picked up are in your head.

I suggest you start with this book as there is no quick fix.
I've been working in secuirty for over seven years and I'm still learning everyday.

Hacking Linux Exposed (7.x)
Anne Carasik, Brian Hatch, George Kurtz, Saumil Shah
Paperback - 608 pages (April 2001)
Osborne McGraw-Hill; ISBN: 0072127732

Also checkout security sites for white papers etc etc etc etc.

Just some examples of sites to start with.
http://www.eeye.com/html/
http://xforce.iss.net/
http://www.rsasecurity.com/standards/ssl/
http://www.technotronic.com/
http://www.nmap.org/
http://www.crypto.com/
http://www.counterpane.com/blowfish.html
http://www.securityportal.com/
http://www.cryptography.com/
http://www.jos.org/doc/security/ob_index.html
http://www.safenetworks.com/Windows/windows.html
http://www.cotse.com/
 
Old 06-14-2001, 10:52 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Raz:
Quote:
It's something you'll have to read from books and pick up bit by bit, then when you've read loads all the bits you've picked up are in your head.
Raz, I hope u will agree with me many ppl don't realize a Linux box is so much more powerfull that a Wind0ze box. Ppl easily forget there comes a responsability with that. Not primarily to themselves, but towards the whole 'net cuz its their box thatll scan a whole class A for new "friends" to play with.

They should first invest in post-install/basic security of their box before looking into h4x0r attacks. Ppl need to get the basic knowledge to perform good system administration, systematically close common loopholes, maintain system integrity, basically "defend the realm" type of thing, to slow down/stop easy hacking attempts. Que CERT, the AUSCERT unix checklist, Sans.

I mean, what's the point of reading about symlink attacks, shellcode exploits and DoS if u haven't set up ure basic security? This is where we get all these nice T0rnkit, Ramen, Li0n and other scans from. mostly ppl who didn't bother to perform even the most basic security stuff on their box.

I think 99% of the time "tell me about h4x0rz" should read "tell me about securing my boxen"; first the basics, then "playtime" :-]

Id like ure opinion on this one.
 
Old 06-15-2001, 05:31 AM   #6
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
UnSpawn your right.

I've seen systems in physically very secure areas, but lack of security understanding from the general IT staff.
So they might as well leave the keys in the door and a big neon sign with hackme printed on it. Then they wonder why they get picked on and lose money.

If you can learn how to secure a server then it works in giving you understanding of how to get into a unsecured server. Which comes first?

I believe you have to have a passion for IT and to see things through to the end, or you may as well forget it and get your quick fixes off common kiddie scripts and inept hackor forums.

The real skill is in filtering out the useful info from the overwhelming masses of technical guides and whitepapers.
Again chicken and eggs thing, you can only do this when you know what your doing.
So doing things yourself and reading is the only way.

/Raz
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacking Exposed Wireless Hacking Chapter prompt Linux - Wireless Networking 0 05-08-2004 02:44 PM
hacking narendra_i Linux - Security 2 11-15-2003 02:53 AM
HAcking adam_h General 11 09-25-2003 03:40 PM
hacking moeminhtun General 1 01-09-2003 04:39 AM
Hacking... TimDimman Linux - Newbie 5 02-12-2002 03:11 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration