[TAG] (forw) Re: (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1
rick at linuxmafia.com
Mon Jan 29 03:21:21 MSK 2007
----- Forwarded message from Sindi Keesan <keesan at grex.cyberspace.org> -----
Date: Sun, 28 Jan 2007 13:02:38 -0500 (EST)
From: Sindi Keesan <keesan at grex.cyberspace.org>
To: TAG <tag at lists.linuxgazette.net>
To: Rick Moen <rick at linuxmafia.com>
Subject: Re: [TAG] (forw) Re: (forw) Re: lpr works for user not root in
On Sun, 28 Jan 2007, Rick Moen wrote:
>Quoting Sindi Keesan (keesan at grex.cyberspace.org):
>>But if I run chrootkit and it finds nothing, and I am not running any
>>network services when I go online, can I continue as root without
>No. Your question is a complete and total non-sequitur to what I just
>got through saying, and carrying out online activity as the root user,
>or indeed any activity at all that doesn't require root access, remains
>reckless and ill-advised for reasons that frankly should be obvious --
>completely without regard to whether you're even running network daemons
I mentioned a while ago that I had clones of the same linux on several
computers so I am not concerned about accidentally wiping out files.
And from what various people have told me one cannot hack my system if I
have no network daemons running and X only has local access and Opera has
no vulnerabilities. And chkrootkit found nothing after four years. So
it is not obvious. I am not trying to be intentionally stupid.
>The non-sequitur nature of that question suggests to me that you
>probably are not really heeding what people are saying, in this thread,
>or it seems likely that you would not make such comments.
I don't claim to understand it all.
>>># nmap -vv -sT -sR -O -o N /tmp/nmap-tcp.log -n 126.96.36.199
>>># nmap -vv -sU -sR -O -n -oN /tmp/nmap-udp.log -n 188.8.131.52
>>># nmap -vv -sA -sR -O -n -oN /tmp/nmap-ack.log -n 184.108.40.206
>>You are way beyond me already.
>No, I'm certainly not. For heaven's sake, if you're curious about what
>those options mean, they're detailed right in the manpage.
I don't have enough background to understand 99% of what is in manpages
starting with the vocabulary, and this one was about 100 pages long. I
was rather surprised that I managed to use nmap at all. I am not a
computer professional, just don't like MS or GUIs in general and am
willing to work hard to bypass them. I found a chapter in Running Linux
ver 3 about TCP UDP and ACK which I will read.
>>Should I do the same as above but substitute the IP address
>>assigned when I dial the ISP?
>You should re-read the explanation of why scanning a host from itself
>would normally be pointless.
I tried to scan from a website and it listed a lot of things that are
probably at my ISP since I don't have them running here, even though it
was using my IPLOCAL number. My linux list members will explain this.
>>I will look for chrootkit.
>chkrootkit is a last-gasp but highly fallible attempt to detect security
>disasters after all your real defences and precautions have failed.
>Your biggest problem is that you're going around defeating precautions
>(e.g., insisting on using the root account routinely) and eschewing
>defences. _That_ is what should be getting your attention.
I understand this is like using f-prot rather than being careful not to
download viruses in the first place.
Our linux was designed to be used as root. The author and other users who
understand security say this is safe in our case. There is no evidence
yet in 4 years that this makes it insecure. It did not come with network
servers (I added the telnetd in busybox). And it is a great deal of
trouble and is more likely to cause problems if I keep changing
permissions on all sorts of things each time I want to use another program
Which is why I asked for help with lpr.
Is this discussion online so other users of our linux can read it and
I am grateful for the education and I apologize for my ignorance.
----- End forwarded message -----
More information about the TAG