[linux-elitists] Are we Dead Yet? (or "For every sprinkle I find, I shall kill you!)

Karsten M. Self kmself@ix.netcom.com
Thu Feb 3 12:39:57 PST 2005


on Thu, Feb 03, 2005 at 12:16:29AM -0800, Rick Moen (rick@linuxmafia.com) wrote:
> Quoting Karsten Self (kmself@ix.netcom.com):
> 
> > Note too:  embedded systems.
> 
> Exposed to hostile networks?  Running every conceivable network daemon
> service, _and_ with IP-filtering scripts disabled?  

No.

But if you'll look over the vulnerability notices for Linksys, you'll
note that it offers (public-side) remote administration capabilities,
which have had several security issues.  It's also typically running the
kernel, Apache, and SNMP, at least two of which (kernel & SNMP) have had
remote exploits in recent memory.  Plus, by its very nature, the box
_lives_ on public-facing nets.
 
> If not, your observation is not very relevant to antecedent discussion.
> If it _is_ what you mean, then I don't buy it.  E.g., my TiVo is an
> embedded Linux box, but runs only extremely minimal services, e.g, it
> occasionally pops up a small httpd written in tcl, when needed for
> receiving program updates.  Plus it gets software updates pushed out to
> it.

Um.  Is TiVo connectivity Internet or dialup?  I thought it phoned home
nightly for brainwashing.
 
> Other embedded systems will tend to be even more minimal, and in most
> cases will run from non-volatile media.

Which doesn't mean you can't:

  - Load something into RAM.  So long as it runs, you're golden.

  - Subject the device to a DDoS (as my yarn shows).

> > [...]  Turns out that Linksys firewall/router was a few firmware
> > revs out of date, though it may also have had a hardware fault.
> 
> Certainly a problem, but did it become root-compromised?  Thought not.

Well....  It's rather hard to tell.  The "user interface" of such
systems consists of a web-based tool.  Yes, it's possible to tweak the
system to get shell, I haven't played that game yet, and the typical
owner is unlikely to.  One of the vulnerabilities allowed remote admin:

http://www.governmentsecurity.org/articles/LinksysRouterInformationAcollection.php

...which is core functionality if not root access, per se.

Googling 'linksys "root exploit"' doesn't turn up any likely hits in the
first few pages, so the platform may not have suffered same yet.  Still,
as an inert, widely deployed, household appliance, there's a high risk
of poorly maintained systems.  Blaming the user isn't appropriate here.

 
> Abuse of unmaintained/vulnerable systems without root compromise is
> probably a useful discussion -- but it's not the same as this one.

Thread drift happens.  Get used to it.
 
> Remainder of the quoted text that you attributed to me was -not- from
> any of my posts.  Please watch your attributions.

Um.  I was attributing yourself and Martin Poole.  What did I miss?


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    No one has ever done anything like this.
    Yeah?  That's why it's going to work.
    - The Matrix
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20050203/721efa0a/attachment.pgp 


More information about the linux-elitists mailing list