Početak›Forumi›Linuks›Opšte Linuks diskusije›Hakeri oborili server sa Ubuntu Linux-om!
- This topic has 30 odgovora, 11 glasova, and was last updated 16 years, 7 months ranije by marelli.
-
AutorČlanci
-
17. avgust 2007. u 5:03 pm #60062psy_unixUčesnik
Alo ljudi pa nemojte tako . Ako iko mrzi windozu i konkretno UBUNTU (imam ga kuci i na poslu) onda sam to ja . ALI :
Ako se pravilno i precizno konfigurise server ne moze se oboriti ni win 95 . Uvek je kriv ljudski faktor tj admin , veruj te mi . O0 O0 O017. avgust 2007. u 6:16 pm #60063foxbunnyUčesnikMa znamo da imaju lose admine, Ono gore je bila samo fora. :biggrin:
17. avgust 2007. u 6:28 pm #60064miodragzUčesnikNajverovatnije nisu instalirali SP2
17. avgust 2007. u 6:49 pm #60065LYbUčesnikko se pravilno i precizno konfigurise server ne moze se oboriti ni win 95 .
Ne slazem se sa ovime. Imao sam prilike da se uverim kako je win2003 podlozan. Polise su mu neupotrebljive 🙂
Mene vise zabrinjava ideja da stavis ubuntu ili bilo koji distro tog tipa, koji vise naginje hobistima i desktopu, na produkcinone servere.
17. avgust 2007. u 7:47 pm #60066dukenukem_4dUčesnikpostoje linuxi i linuxi ,ovo vec verovatno svi znaju ,ali ajde
stavite trustix secure linux – pa posle nek upadaju ako mogu
http://www.trustix.org/
http://www.trustix.org/content/category/2/3/15/mala napomena : na njemu se teze vrti kocka,jer uglavnom nema x-server
http://distrowatch.com/table.php?distribution=trustix17. avgust 2007. u 7:54 pm #60067BrokeBodyUčesnikznamo da imaju lose admine
Argumenti?
Uostalom, to nisu Cnonical-ovi serveri. Canonical je samo sponzorisao tih 5 servera, jer pripadaju nekim LoCo timovima, a ko zna ko je to drzao.
Ama jel’ citao neko vest uopste?
17. avgust 2007. u 8:34 pm #60068dukenukem_4dUčesnikevo procitao sam:
due to problems with the network card and later kernels
znaci na novom kernelu nije radio driver za neki tip mreznih kartica
pa nisu vrsili update zbog toga.17. avgust 2007. u 9:14 pm #60069BrokeBodyUčesnikHow did this happen
——————-Unfortunately:
a) the servers, especially zambezi were running an incredible
amount of web software (over 15 packages[1] that we recognised)
and
of all the ones where it’s trivial to determine a version, they
were without exception out-of-date and missing security patches.
An attacker could have gotten a shell through almost any of
these sites.b) FTP (not sftp, without SSL) was being used to access the
machines, so an attacker (in the right place) could also have
gotten access by sniffing the clear-text passwords.c) The servers have not been upgraded past breezy due to problems
with the network card and later kernels. This probably allowed
the attacker to gain root.https://lists.ubuntu.com/archives/loco-contacts/2007-August/001510.html
17. avgust 2007. u 10:09 pm #60070LYbUčesnika)
An attacker could have gotten a shell through almost any of these sites.
— Njima ne treba dati da cuvaju ni nacrtanu ovcu, a ne server u produkciji.b)
— Super, dozvolis plaintext login na masinama. Osim toga, sta im znaci ono “hacker in the right place”? Kako je stigao na “right place”? Pomocu servisa pod “a”?c)
— Kernel im nije kriv za njihovu nesposobnost. Osim toga, ako im je BAS stalo da imaju novi kernel, zasto ne promenise mreznu kartu?Lep primer kako ne treba raditi.
Sve u svemu, lepo su me nasmejali 🙂17. avgust 2007. u 11:08 pm #60071BrokeBodyUčesnikNjima ne treba dati da cuvaju ni nacrtanu ovcu, a ne server u produkciji.
Kome tacno?
-
AutorČlanci
Moraš biti prijavljen da bi postavio komentar u ovoj temi.