Re: [SLE] Where are logins recorded?

• Previous message: Daniel Secareanu: "[SLE] load virtual interfaces at boot time"
• In reply to: Damon Register: "Re: [SLE] Where are logins recorded?"
• Next in thread: C Hamel: "Re: [SLE] Where are logins recorded?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: suse-linux-e@suse.com
Date: Tue, 7 Sep 2004 15:36:32 +0200

On Tuesday 07 September 2004 15:14, Damon Register wrote:
> Anders Johansson wrote:
> > Tripwire (or similar) is always useful, but it won't prevent breakins.
> > Only help you detect them after the fact
>
> So are you saying the best one can do is find they have been hacked but
> prevention is not possible?

With the current state-of-the-art programming, no it isn't, short of turning
off all services.

If you are offering a service to the internet, and that service contains a bug
that lets someone crack it, then there is no fool proof way to prevent
someone from doing it. The best you can ever hope for is to make it so hard
that the effort required to crack it isn't worth whatever is found on the
machine.

And history teaches us that with any service, no matter how well audited,
always has odds > 0 that it contains as yet undiscovered security problems

If you stay up to date with all the security patches released, if you only
have services available that you really need to have available and turn off
everything else, and if you use the various security patches such as the
non-executable stack patch and others like it (Solar Designer, grsecurity
etc) then you still won't have a 100% crack proof system, but chances are
that you will defeat the "casual cracker" (read: script kiddie), and if you
don't have anything on your machine that makes it worth the while of someone
who really knows what he's doing, then you will probably be fine.

This isn't to say that a system can't ever be secure, a well programmed system
that has no bugs in it will be. But with current technology, we can't ever
trust it, it will be an act of faith. Some day, someone may come up with a
way to make it practical to produce mathematical proof that a given program
is correct and secure, but to date all efforts that I'm aware of have failed.

This is why, in "real" situations, you should physically separate all services
connected to the internet from any internal machines where your valuable data
is.

-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: Daniel Secareanu: "[SLE] load virtual interfaces at boot time"
• In reply to: Damon Register: "Re: [SLE] Where are logins recorded?"
• Next in thread: C Hamel: "Re: [SLE] Where are logins recorded?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]