[TAG] (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
Sindi Keesan
keesan at grex.cyberspace.org
Fri Jan 26 21:18:56 MSK 2007
On Fri, 26 Jan 2007, Benjamin A. Okopnik wrote:
> On Fri, Jan 26, 2007 at 02:09:35AM -0800, Sindi Keesan wrote:
>>
>> I don't even know what a network socket is.
>
> That's pretty much my point. The majority of those who run their
> machines as root literally have _no_ idea of how exposed and vulnerable
> they are.
>
> Sockets and ports are methods by which local and remote clients can
> connect to your machine. Try running 'netstat'; this will show you a
> list of your currently-open sockets and ports.
bash: netstat: command not found
You are making too many assumptions about my Linux ;=)
>> Nobody in their right mind
>> would want my system. The software is 8 years out of date (the hardware
>> is older than that) and the connection is dialup. Should I be worried
>> anyway?
> See my earlier point about resources. There are Russian and Polish
> companies (and probably lots of others, but those seem to be at the
> forefront) who will sell you their spam-distribution services and boast
> of "thousands of 'captured' machines" that they use for the purpose.
> It's a popular dodge for spammers these days, since it essentially
> counters IP blocking.
I thought they went after broadband. And Windows. How exactly would they
attack a Linux machine using dialup internet, without me noticing?
I do most of my browsing and emailing via a shell account to which I ssh
as root. Am I still vulnerable to attack?
>>> Also, I'd like to point out that the Unix world was ecstatic about the
>>> rise of CUPS specifically because it allowed us to finally get rid of
>>> lpd / lprNG, which was hopeless spaghetti code, derived from ancient BSD
>>> efforts among nameless student coders at University of California at
>>> Berkeley. One of the worst of the many bad aspects of lpd / lprNG is
>>> that its security profile and history were and are utterly dreadful.
>>
>> Do I need security to print on my own single-user system?
>
> I don't know how to emphasize this enough, but given that a very large
> percentage of system break-ins in the past occurred via 'lpr/lprng', the
> answer is a very definite "YES".
I had not been using lpr until now and now have a script to print with
using gs directly, tested in Opera and xpdf.
>
>> The people we are giving 200MHz computers to don't have networks. But
>> they do need to print formatted papers for school, and webpages.
>>
>> I don't think I need CUPS.
>
> Given the above, why are you using a print server/scheduler at all? I
> ran my system with nothing more than 'magicfilter' and a script to send
> it to the appropriate filter for a couple of years when I was in a
> similar situation, and it worked fine.
I don't know what magicfilter is, but I have a script that will let me
print from within X programs now, and don't even need a filter. A few
years ago people using our distribution worked out how to use lpr and
printcap, but there is no need for them now. I guess I should stop being
curious why lpr won't work for root.
Now I need to figure out why your email ended up in my spam folder....
> --
> * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *
>
Sindi Keesan
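
Added example, not part of the original message: where netstat is missing, as on the poster's system, the list of listening sockets can be read from the kernel's /proc/net/tcp table. It assumes a Linux kernel with /proc mounted and a little-endian (x86) machine; the function names and the sample rows (including an lpd-style listener on TCP port 515) are constructed for illustration.

```shell
#!/bin/sh
# List listening TCP sockets without netstat by parsing /proc/net/tcp.
# Assumes Linux with /proc mounted and a little-endian (x86) machine.

# Constructed sample rows in /proc/net/tcp format (used when no file is given).
sample_table() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0203 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 101
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 102
   2: 0A00000A:8124 0200000A:0050 01 00000000:00000000 00:00000000 00000000   500        0 103
EOF
}

# hex_to_ip 0100007F -> 127.0.0.1 (bytes are stored least-significant first)
hex_to_ip() {
    h=$1
    b4=${h%??????}; r=${h#??}
    b3=${r%????};   r=${r#??}
    b2=${r%??};     b1=${r#??}
    echo "$((0x$b1)).$((0x$b2)).$((0x$b3)).$((0x$b4))"
}

# list_listeners [FILE]: print "ip:port uid=N" for each socket in LISTEN
# state (st column == 0A). The header row and other states are skipped.
list_listeners() {
    if [ -n "$1" ]; then cat "$1"; else sample_table; fi |
    while read -r sl local remote st rest; do
        [ "$st" = "0A" ] || continue
        set -- $rest    # fields after st: queues, timer, retrnsmt, uid, ...
        echo "$(hex_to_ip "${local%:*}"):$((0x${local#*:})) uid=$4"
    done
}

# With no argument this prints the listeners in the constructed sample.
list_listeners "$@"
```

On a live system, call it as `list_listeners /proc/net/tcp`. A local address of 0.0.0.0 means the service accepts connections on every interface, a dialup link included, and uid=0 means the listening process runs as root.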