Dave Feustel wrote:
On Saturday 11 February 2006 10:59, Roman Hunt wrote:
Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've
never been allowed to fly on this list.
Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old
are you?
Also, to which post are you referring?
Maybe you think that posting all this ridiculous shit is funny but it's
really not.
Actually, I don't think it's rediculous or funny, but you have a right to your
opinion and
also to express it.
Go take a class at a community college and learn the basics before you post
again.
I may well be the only person in Fort Wayne using OpenBSD or even
pretending to know anything about it.
I am not aware of any courses in BSD around here.
PLEASE! And definitely stop wasting your time trying
To discover how to exploit systems you are unable to comprehend.
Actually, I am in defensive mode. My system is clearly being penetrated.
I am trying to find and plug the holes. So far running pf with a block in all'
seems to
be the most effective defense. I opened up port 80 to run Apache, but I
started having problems again, so I went back to the 'block all' rule.
I've found and reported to kde and misc a security problem in the way
kde is currently ported to OpenBSD. The kde developers understand the problem
and, last I heard, had a fix in the pipeline. I've got a kludge fix for that problem now.
But I am still seeing signs of intrusion, so there are either still unblocked (kde or x11) holes
that I haven't found that provide intruders with at least user privileges, or my system
was rooted at some point in the past and will continue to be rooted until I either reinstall or
upgrade to 3.9 sometime after May. Today I found two attempts to access port
6000.
One from China, the other from Korea.
That said.... If you ever need serious system administration help for a
serious issue (not one you make up when you are all paranoid and gunning
to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to help.
I have no interest in being a cracker. I've looked at what is typically
involved in
cracking a system or creating shell code and I have no interest in spending my
time doing either, although I have more than enough experience with x86 assembly
code for that time-wasting activity. I have other projects that I need
to spend time on. Are you interested in general relativity, electromagnetism, or
tensors? I definitely need help with tensors.
And I do appreciate your offer of help. I only wish it weren't so hard to
explain things by
email.
Dave
-
Roman
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Dave Feustel
Sent: Saturday, February 11, 2006 6:04 AM
To: misc@openbsd.org
Subject: X11 exploit info
at http://www.hackinglinuxexposed.com/articles/
is a 3-part series on X-11 exploits which those who
think they understand x11 security might wish to
read and comment upon. I clearly don't understand
x11 security so I have no comments, but I will read
with great interest comments by anyone else.
05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging into
another machine can compromise your desktop...
08-Jun-2004: The ease of (ab)using X11, Part 2
Abusing X11 for fun and passwords.
13-May-2004: The ease of (ab)using X11, Part 1
X11 is the protocol that underlies your graphical desktop environment, and
you need to be aware of its security model.
Dave Feustel
Dave.
Reformat your hard drive. You will lose all data.
Install OpenBSD 3.8.
Turn on PF and "block in all"
Don't run a web server, you are not qualified to do this.
Don't run ANY server, you are not qualified to do this.
Stay off the internet until you know how to protect your system.
