/proc/speakup

Brent Harding bharding at UFW2.COM
Thu Feb 15 20:56:10 EST 2001


If one backed up, use the last backup before you were compromised, so long
as things weren't backed up again after the compromise.
At 09:11 PM 2/14/01 -0600, you wrote:
>On Wed, 14 Feb 2001, Tyler Spivey wrote:
>> /proc/speakup was a bad idea. because:
>> 1. if a hacker gained root, you couldn't turn off the net or something
without speech. (if
>> someone shut it off)
>
>If someone hacks your box, you had best just shut the machine off, or
>remove it from the network with the cable. Anything else is asking for
>things to get worse. But let me give some more detail here:
>
>1) If they compromise your system how do you know when you have regained
>complete control? The wise thing to do is to completely re-install the OS
>saving only the home directory.
>
>2) As Bill pointed out haow many will even go for this? Hello?? Unless
>they are on the list they will need to go find out how to do all these
>evil nasty things. If this is a problem you need to replace your
>"friends."
>
>3) Perhaps if this is a serious threat the fact they can shut down the
>volume is not good it is great. At least you will know someone is messing
>arround. Chances are if it is a real hacker and you notice the first
>indication is that you can't log in.
>
>4) Someone messing with your speakup is showing they know something about
>the product. Evan as vast a user base as speakup has, this is a limiting
>factor. Spend your energy lowering your chances of being hacked. Learn
>more about ipchains and other security tools.
>
>=======
>Kirk Wood
>Cpt.Kirk at 1tree.net
>
>Nothing is hard if you know the answer or are used to doing it.
>
>
>_______________________________________________
>Speakup mailing list
>Speakup at braille.uwo.ca
>http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>
>





More information about the Speakup mailing list