LinuxWorld: Attacking Linux - To stop an attacker, think like a cracker | Linux Today

LinuxWorld: Attacking Linux – To stop an attacker, think like a cracker

Written By
Web Webster
Web Webster
Aug 31, 2000

“Ozancin’s talk dwelled at length on the methods and tools an
attacker (a term he advocates over hacker) uses to select you as
his target and worm his way in.”

“The attacker may also use specialized network-vulnerability
scanners (see Resources): Nessus, the older SATAN and SAINT
packages, Firewalk (which probes and identifies a network’s
firewall ruleset), or proprietary scanners such as Internet
Security Systems’s Internet Scanner and Axxent Technologies’
NetRecon — as well as checking Websites on the target network for
known-exploitable CGI scripts.”

Or the attacker may skip the fancy network scanners and
concentrate on stealing one of your passwords. In my experience,
that is the bad guys’ usual way in and absurdly easy on most
systems.
If one of your users uses Telnet or (nonanonymous)
FTP, or POP3 to reach your system remotely, the user’s login name
and password can be snagged with trivial effort at any point
between the two machines. Alternatively, the malefactor may use as
low-tech a means as shoulder surfing (watching the login as it’s
being typed in), or a variety of social engineering techniques.
People are often astonishingly willing to give their passwords over
the telephone to a stranger with a plausible reason for asking. Or
they email passwords and other confidential data across the open
Internet, ripe for interception.1 At the minimum, the attacker may
telephone the firm to glean people’s names and positions, or get
that information from the company Webpages. He may then be able to
predict valid usernames and try them with likely password
combinations.”

“Then there are the truly embarrassing password techniques that
amount to walking into an open, unguarded bank vault. There are
still services that ship with default remote administrative
passwords, as evidenced by Red Hat Software’s recent Piranha gaffe,
as well as sites reckless enough to use null passwords, the
username as the password, or the username reversed (e.g., toor for
the root account). Or the attacker may use remote techniques to
read a copy of /etc/passwd (on systems without shadow passwords
enabled). Many such past exploits have relied on insecure CGI
scripts provided by default with Web servers that are also
unnecessarily running with root authority. (The Apache Web server
most commonly used on Linux no longer ships with either of those
faults.)”


Complete Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.