RE: [SLUG] Insight on Code Red II

• Next message: R P Herrold: "RE: [SLUG] Insight on Code Red II"
• Previous message: Wyly Wade: "RE: [SLUG] Insight on Code Red II"
• Maybe in reply to: Kai Lien: "[SLUG] Insight on Code Red II"
• Next in thread: Ian C. Blenke: "Re: [SLUG] Insight on Code Red II"
• Reply: Ian C. Blenke: "Re: [SLUG] Insight on Code Red II"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

and actually Matt one of my favorite exploits is number 5 on the top_ten
sans list.

-----Original Message-----
From: Miller, Matt [mailto:Matt.Miller@expanets.com]
Sent: Thursday, August 09, 2001 1:28 PM
To: 'slug@nks.net'
Subject: RE: [SLUG] Insight on Code Red II

> And those "extreme" weaknesses would be what?

How about various remote root exploits in apache, bind, procmail,
sendmail,
etc...?-- just to name a few of the obvious. Read the revision histories
on
these products/services. Arguably these root exploits aren't
necessarily
Linux specific, but inherent in any UNIX style OS running standard
remote
services. Typically these exploits are a result of buffer overflows --
sounds familiar, huh? Up until recently*, almost all DoS attacks have
come
from compromised UNIX based servers. Attached are some links from SANS:

http://www.sans.org/infosecFAQ/sysadmin/apache.htm
http://www.sans.org/infosecFAQ/DNS/sec_BIND.htm
http://www.sans.org/infosecFAQ/threats/top_ten.htm

Matt

* until of course microsoft deployed a raw sockets tcp/ip stack with
Win2000

• Next message: R P Herrold: "RE: [SLUG] Insight on Code Red II"
• Previous message: Wyly Wade: "RE: [SLUG] Insight on Code Red II"
• Maybe in reply to: Kai Lien: "[SLUG] Insight on Code Red II"
• Next in thread: Ian C. Blenke: "Re: [SLUG] Insight on Code Red II"
• Reply: Ian C. Blenke: "Re: [SLUG] Insight on Code Red II"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:56:54 EDT