RE: [SLUG] Insight on Code Red II

From: Miller, Matt (Matt.Miller@expanets.com)
Date: Thu Aug 09 2001 - 13:28:27 EDT


> And those "extreme" weaknesses would be what?

How about various remote root exploits in apache, bind, procmail, sendmail,
etc.? -- just to name a few of the obvious. Read the revision histories on
these products/services. Arguably these root exploits aren't necessarily
Linux-specific, but inherent in any UNIX-style OS running standard remote
services. Typically these exploits are a result of buffer overflows --
sounds familiar, huh? Up until recently*, almost all DoS attacks have come
from compromised UNIX-based servers. Attached are some links from SANS:

http://www.sans.org/infosecFAQ/sysadmin/apache.htm
http://www.sans.org/infosecFAQ/DNS/sec_BIND.htm
http://www.sans.org/infosecFAQ/threats/top_ten.htm

Matt

* until, of course, Microsoft deployed a raw sockets TCP/IP stack with Win2000


