Bugtraq mailing list archives
Re: BoS: amodload.tar.gz - dynamic SunOS modules
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Thu, 20 Jun 1996 19:47:31 -0400
> amodload is a quick 'hack' that demonstrates how trivial it is to load certain modules or patches into the kernel.
(Unless, of course, you've shut off LKM access with my /dev/security hack. :-)
> So for today, the best defense is really to take pro-active action and prevent intruders from gaining access to your network. This can be done with a combination of firewalls and having a continuous security assessment program in place where you scan your network for vulnerabilities and correct. You can test your own machine with a scanner from www.iss.net.
I trust Christopher Klaus will forgive me for being a bit suspicious when I notice that his recommended "best defense" just happens to be what his company is selling.
> With writeable CDROM drives around $700, has anybody considered setting up their system [...] and then backing the disk to WCDROM?
As someone else pointed out, all that does is speed up recovery; it
doesn't harden the system against attacks any.
What _will_ help is to make your boot disk physically read-only. I
have tried this with SunOS 4.1.x and NetBSD (with NFS-mounted root, not
a real disk that's write protected, but the issues are the same). The
latter is relatively easy; the former is much harder but I think would
be doable with a couple of binary patches to programs like mount that
pigheadedly insist on writing into /etc. I've often wanted to set
systems up this way, not because it hardens the system any with respect
to initial compromise but because it hardens it a lot with respect to
leaving trojans and other backdoors lying around. (I haven't actually
put such a scheme into production; the two machines that I feel are
reasonably secure at present are so largely because they simply do not
offer any network services, and I consider them physically secure.)
der Mouse
mouse () collatz mcrcim mcgill edu
