From: “Mark M.” <markm@voicenet.com>
To: “Igor Chudov @ home” <ichudov@algebra.com>
Message Hash: 2741c28387b37ded05c2d068a80f3d3b155de71760520aa4a81bb6fead91726e
Message ID: <Pine.LNX.3.95.960901141631.186B-100000@gak>
Reply To: <199609011509.KAA26254@manifold.algebra.com>
UTC Datetime: 1996-09-01 20:19:20 UTC
Raw Date: Mon, 2 Sep 1996 04:19:20 +0800
From: "Mark M." <markm@voicenet.com>
Date: Mon, 2 Sep 1996 04:19:20 +0800
To: "Igor Chudov @ home" <ichudov@algebra.com>
Subject: Re: Moscowchannel.com hack
In-Reply-To: <199609011509.KAA26254@manifold.algebra.com>
Message-ID: <Pine.LNX.3.95.960901141631.186B-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
On Sun, 1 Sep 1996, Igor Chudov @ home wrote:
> snow wrote:
> >
> > On Sat, 31 Aug 1996, Joel McNamara wrote:
> >
> > > Not really crypto, but related to the DOJ hack in a way.
> > >
> > > Moscow Channel is a pretty slick, Russian news/commentary page. Their Web
> > > site was hacked and altered by someone who didn't seem to like Russians all
> > > Just a matter of time before some builds a dedicated Satan type tool that
> > > scans for HTTP server holes or messed up file permissions to make locating
> > > potential victims easy.
> > Write your web site to a CD-ROM and hard-code the base directory into the
> > webserver.
>
> A hacker who has root can forcibly unmount the cdrom and mount another
> directory on that node. Not a good solution.
As soon as the sysadmin finds out, said directory can be unmounted and CD-ROM
device can be remounted. Besides, if someone manages to get root access on any
machine, the sysadmin of that machine is basically screwed anyway. It's much
better than having to back up the web page on a tape and having to restore the
data when it is altered.
- -- Mark
PGP encrypted mail prefered.
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQEVAwUBMinT7yzIPc7jvyFpAQHe7AgAuRNtTXZeLkuXo0CFoJOgrI+EEfHOKUsI
9KoRm+aesqNOvFpxPcHiE2QypMDjgjFqGozsT+Qb48W82Yt0p10PdqGtq1Ais+M0
b8gwLbnUPY8tnRFL49TqZIvAHl2kyo/7pxViTrXfNtBe+rSA+9FZHPBJgtHzWy2X
LIOQ9P6NPMmdlKuaeZQ3oF1esbvlHInsYOgGTJN0DZQR8ivFyXZ3MA0XjXvnF2pl
4lUDfgUN+BAQzhW56o0cgBnGYetujNJYVAQkzUwCIs2sfxS1Sex305vqfmFHUVkY
HACMhuoVXYZXuF+5NCjfhHsnjEiYgeMczGTZDlwOCbIFTxCc8/t6tQ==
=oxki
-----END PGP SIGNATURE-----
Return to September 1996
Return to “snow <snow@smoke.suba.com>”