-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Faithful John said: > So this gives me a second question. I'm pretty sure that I disabled > the remote access ability stuff (though I'm not 100% on that at this > moment). Is there a chance someone could still get into my system in > any way and do anything? (e.g.if firewalls disabled) My impression > was that linux was immune to viruses and resistance to personal > attacks since you needed a root password to do any sort of real > changes.
more complicated than "they need root to get me". escalation of privileges, where a user gets onto your box via some sort of non-root user thru apache, ssh or whatever and then gains root via some local program that is vulnerable. You should run a portscan on yourself with nmap or similar. If you don't have access to another box, you can go to somewhere like dshield.org and run a portscan. Always good to do when setting up a new box. good learning when you get to say "what in the heck is that port open for?" - -- /phil -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCdV0KGbd/rBLcaFwRAjM3AKCFEADz5GwK2j7u7O2773Z/HHgSkQCgqP6n pknLL8zBFzsIdyie5hlmaEs= =6JVa -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
