Professional Web Applications Themes

rootkit attack - Sun Solaris

Does anyone know how to prevent some attacks like Rootkit attack? Thanks Rob...

  1. #1

    Default rootkit attack

    Does anyone know how to prevent some attacks like Rootkit attack?
    Thanks
    Rob


    Rob Guest

  2. #2

    Default Re: rootkit attack

    Approximately 9/30/03 11:50, Rob uttered for posterity:
     

    Keep the machine patched.

    Keep it behind a firewall or shut off all attackable services.

    Keep current and accurate bootable restore images.

    Power it off.

    Lon Guest

  3. #3

    Default Re: rootkit attack

    "Rob" <com> writes:
     

    Try some of the techniques here.

    http://wwws.sun.com/software/security/jass/

    Mostly, turn off services you don't need.

    Sadly, it's not as trivial as you would think.

    Cheers,

    Ian
    Ian Guest

  4. #4

    Default Re: rootkit attack


    "Lon Stowell" <Net> wrote in message
    news:ppkeb.640842$.. 
    >
    > Keep the machine patched.
    > OK.[/ref]
     
    Can you tell me which services? 
    How can I create bootable images?
     
    :)


    Rob Guest

  5. #5

    Default Re: rootkit attack

    "Lon Stowell" <Net> wrote in message
    news:ppkeb.640842$.. 
    >
    > Keep the machine patched.
    >
    > Keep it behind a firewall or shut off all attackable services.
    >
    > Keep current and accurate bootable restore images.
    >
    > Power it off.
    >[/ref]
    Just recommended should be enough, or I should look for specific security
    patches?
    Rob


    Rob Guest

  6. #6

    Default Re: rootkit attack

    Hi,

    There's no such thing as a rootkit attack.... A rootkit is just a
    package of tools that the hacker will use to take control of your
    machine _after_ he successfully attacked it with an exploit on a
    vulnerable service on your machine.

    For instance... if your machine is unprotected to the latest SSH
    vulnerability, the hacker goes in the machine using the SSH exploit,
    afterwards downloads his rootkit (using tftp, ftp, wget, whatever)
    that contains scripts, executables, etc.. , and he starts messing up
    your machine. The rootkit is only a toolbox, not a way in. Of course
    the whole process can be scripted to attack multiple machines at the
    same time ... but you get the idea.

    So follow Lon's suggestions (up to you to decide when to poweroff :] )
    and you should be just fine.

    Alex...
    Alex007 Guest

Similar Threads

  1. OT: ATTACK TO MY SYSTEM
    By Dan Muey in forum PERL Beginners
    Replies: 1
    Last Post: September 23rd, 09:29 PM
  2. Microsoft DoS Attack
    By Al in forum Macromedia Dreamweaver
    Replies: 21
    Last Post: August 2nd, 08:39 AM
  3. Replies: 15
    Last Post: July 20th, 11:58 PM
  4. XP Attack
    By Robert Michon in forum Windows Setup, Administration & Security
    Replies: 1
    Last Post: July 2nd, 03:31 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139