Thierry Zoller wrote:
The problem with the whole thread was "well someone could do XXX" Sure they could... Anyone could... My point was someone shooting a message back to the list stating "Your program is a backdoor". It never was and it never will be. Can someone modify it on their own and make it a backdoor? Sure. Can someone inject something into the columns I was parsing, possible. Anything is possible. Since then I re-wrote arguments people were griping about:Dear All, You are arguing over hypothesises where facts could rule. PLEASE someone just setup the script on a test environment and present us your results. Heck, it's not that we are discussing Metaproblems here, these are computers. Just install and make a PoC and enhance security for all for the sake of it. Thanks :)
ifaddr=`ifconfig -a|awk '/inet/ && !/inet6/ && !/127.0/ && !/192.168/{print $2}'|sed 's/addr\://g'`
function IPT {
grep -E
'(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[1-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}'
/etc/hosts.deny|\
awk '!/#/&&/\./&&!a[$0]++{print "iptables -A INPUT -s "$1" -i eth0 -d '$ifaddr' -p TCP --dport 22 -j REJECT"}'|\
awk '/iptables/&&!/#/&&!/-s -i/'|sh }The complaint was "anyone can insert $foo into the thirteenth column"... Try it instead of mouthing off about it. "Someone can possible inject tartar sauce into a sealed jar" Is it possible, sure it probably is, show me though instead of yapping off. Someone else griped, "someone can craftily insert your own address into an IP table." Look if someone is THAT stupid of an admin to not test things first, modify it to their needs, and gets themselves locked out of their own machine, they have no business on that machine. Period.
-- ==================================================== J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743sil . infiltrated @ net http://www.infiltrated.net
The happiness of society is the end of government. John Adams
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/