* OT: Printer/scanner suggestions.
@ Gaijin
` Cody
0 siblings, 1 reply; 5+ messages in thread
From: Gaijin @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
"Doug Sutherland" <doug&proficio,ca> speculated:
> It should not be possible for files to be inaccessible by root.
> It is possible that you now have a rootkit installed.
Yeah, definitely a root-kit with filenames like "input.history" and
"catalog.events". chattr didn't work. I think most of the commands
have been compromised. The little bastage didn't re-write the ls
command very well, though. The files appear if you do an 'ls -a .*' to
display just the dot-files. Then a few dot and non-dot-files
appear...to normal and root users. It's a pretty neat hackk. I really
only had sendmail and fetchmail semi-configured, and a bunch of
symlinks to docs and HOWTO's. Oh, and commenting out half of
rc.profile. <grins> I'm not losing very much.
> > Don't leave ports open!
> Don't run services that you don't need.
> Create some detterants so they go somewhere else instead.
Had all that, except for the deterants. The firewall's closed, and
I'm only running sendmail. I have other services installed but
disabled, as they're not even configured yet. I was planning on
activating the whole shebang with a runlevel change. It's barely above
runlevel 1 at present. It's really no big deal. Helps me learn the
system.
I was wondering though. Do you know if it's possible to require
that both the executable and indestructible bits be set so a program
can run? I was thinking of password protecting the chattr command, or
re-writing it so that it could only be executed from localhost, and
locking everything down. You'd have a catch-22 scenario, if you
removed one of the bits from chattr, though. You couldn't change any
binaries or libraries remotely without access to chattr, nor upload
anything that can be made executable without chattr. <grins> I guess
admins who need full remote access won't like it, though. Nor would
anyone using a package manager, or needing to do any programming. I
guess there would have to be some kind of security toggle that only a
working chattr could disable.
Myself, I'd prefer laughing my hairy butt off at some jerk trying
to upload a virus or root-kit that he can't even run.
Michael
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Printer/scanner suggestions.
OT: Printer/scanner suggestions Gaijin
@ ` Cody
0 siblings, 0 replies; 5+ messages in thread
From: Cody @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
I use the Cannon LIDE35 flat bed scanner and works right out of the box with
xsane. didn't have to do a thing.
$80
----- Original Message -----
From: "Gaijin" <gaijin@clearwire.net>
To: "Speakup is a screen review system for Linux." <speakup@braille.uwo.ca>
Sent: Friday, October 05, 2007 1:33 PM
Subject: OT: Printer/scanner suggestions.
> "Doug Sutherland" <doug&proficio,ca> speculated:
>
> > It should not be possible for files to be inaccessible by root.
> > It is possible that you now have a rootkit installed.
>
> Yeah, definitely a root-kit with filenames like "input.history" and
> "catalog.events". chattr didn't work. I think most of the commands
> have been compromised. The little bastage didn't re-write the ls
> command very well, though. The files appear if you do an 'ls -a .*' to
> display just the dot-files. Then a few dot and non-dot-files
> appear...to normal and root users. It's a pretty neat hackk. I really
> only had sendmail and fetchmail semi-configured, and a bunch of
> symlinks to docs and HOWTO's. Oh, and commenting out half of
> rc.profile. <grins> I'm not losing very much.
>
> > > Don't leave ports open!
> > Don't run services that you don't need.
> > Create some detterants so they go somewhere else instead.
>
> Had all that, except for the deterants. The firewall's closed, and
> I'm only running sendmail. I have other services installed but
> disabled, as they're not even configured yet. I was planning on
> activating the whole shebang with a runlevel change. It's barely above
> runlevel 1 at present. It's really no big deal. Helps me learn the
> system.
> I was wondering though. Do you know if it's possible to require
> that both the executable and indestructible bits be set so a program
> can run? I was thinking of password protecting the chattr command, or
> re-writing it so that it could only be executed from localhost, and
> locking everything down. You'd have a catch-22 scenario, if you
> removed one of the bits from chattr, though. You couldn't change any
> binaries or libraries remotely without access to chattr, nor upload
> anything that can be made executable without chattr. <grins> I guess
> admins who need full remote access won't like it, though. Nor would
> anyone using a package manager, or needing to do any programming. I
> guess there would have to be some kind of security toggle that only a
> working chattr could disable.
> Myself, I'd prefer laughing my hairy butt off at some jerk trying
> to upload a virus or root-kit that he can't even run.
>
> Michael
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.488 / Virus Database: 269.14.1/1050 - Release Date: 10/4/2007
> 5:03 PM
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Printer/scanner suggestions.
` Janina Sajka
@ ` Gaijin
0 siblings, 0 replies; 5+ messages in thread
From: Gaijin @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
Janina Sajka <janina&rednote,net> judged:
> Looks more like inexperience than a crack to me.
<laughs> Yep. You're absolutely right. I was typing 'ls -a'
rather than ls -ad' and was seeing the contents of subdirectories. In
my own defense, I didn't hear the colon. Live and learn, I guess, as I
discovered my mistake yesterday when I was backing up files. I had been
rereading the screen by lines instead of by words. Those 4 and 6 keys
on SpeakUp's keypad made all the difference. I'm still wondering how
the .xine directory got there, though. I started X11 once to see if it
spoke, and then another time to see if Orca was installed and ready to
go, and then gave it the Ctrl+Alt+Backspace when nothing happened. Last
time I played with Xine was on my old Debian system.
Well, I'm off to see if the less command can display 300 lines of
text per screen. Every time I try to "play" something from the Honor
Harrington series of novels, my synth crashes. I guess the PC can't
take all the excitement of David Weber's naval engagements, or it's
female and prefers Nora Roberts' romance novels. <grins> Okay, so I'm
in love with Martha Harmon-Pardee's voice. Sue me. <grins> The "Eve
Dallas"Sci-Fi series suckered me in, and now I'm interested in Peabody.
She's scrappy.
Michael
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Printer/scanner suggestions.
` Doug Sutherland
@ ` Janina Sajka
` Gaijin
0 siblings, 1 reply; 5+ messages in thread
From: Janina Sajka @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
Looks more like inexperience than a crack to me.
To put it differently, I don't see the evidence.
Janina
Doug Sutherland writes:
> Michael,
>
> Try
> chattr -i
> on those files inaccessible by root.
>
> It should not be possible for files to be inaccessible by root.
> It is possible that you now have a rootkit installed.
> A hacker might for example replace your ls command
> and your chmod command, or any other basic utilities
> to make things appear as they are not.
>
> Don't leave ports open!
> Don't run services that you don't need.
> Create some detterents so they go somewhere else instead.
>
> -- Doug
>
>
> > Unfortunately, it seems I've already been hacked. Looks like I'll have
> > to do a full, scratch Slackware reinstall. Found some hidden files in
> > my home directory that aren't even root accessible.
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
--
Janina Sajka, Phone: +1.202.595.7777; sip:janina@a11y.org
Partner, Capital Accessibility LLC http://CapitalAccessibility.Com
Marketing the Owasys 22C talking screenless cell phone in the U.S. and Canada
Learn more at http://ScreenlessPhone.Com
Chair, Open Accessibility janina@a11y.org
Linux Foundation http://a11y.org
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Printer/scanner suggestions.
OT: " Gaijin
@ ` Doug Sutherland
` Janina Sajka
0 siblings, 1 reply; 5+ messages in thread
From: Doug Sutherland @ UTC (permalink / raw)
To: Speakup is a screen review system for Linux.
Michael,
Try
chattr -i
on those files inaccessible by root.
It should not be possible for files to be inaccessible by root.
It is possible that you now have a rootkit installed.
A hacker might for example replace your ls command
and your chmod command, or any other basic utilities
to make things appear as they are not.
Don't leave ports open!
Don't run services that you don't need.
Create some detterents so they go somewhere else instead.
-- Doug
> Unfortunately, it seems I've already been hacked. Looks like I'll have
> to do a full, scratch Slackware reinstall. Found some hidden files in
> my home directory that aren't even root accessible.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~ UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
OT: Printer/scanner suggestions Gaijin
` Cody
-- strict thread matches above, loose matches on Subject: below --
OT: " Gaijin
` Doug Sutherland
` Janina Sajka
` Gaijin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).