First page Back Continue Last page Overview Graphics
Application Vulnerabilities
New software flaws are found all the time, allowing
- Reading local files (/etc/shadow anyone?)
- Execution of arbitrary code (/bin/sh)
Example: OpenSSH remote root vulnerability!
Defenses
- Only run services when you need to (lsof -i is your friend)
- Keep your system patched (up2date, apt-get, YaST etc)
- Uninstall applications you don't use
Notes:
The best tactic is NOT to run a service, if you don't need it.
If you're not running a web server, you're automatically invulnerable to the hundreds of attacks that float around the Internet and take advantage of web server vulnerabilities.
If you have to provide a service (e.g. your company's web server), make sure that it only supports the necessary sets of plugins/extentions. This will minimize exposure to remote threats. Also, make sure that you follow some security-related mailing list (like BUGTRAQ) to be notified when a new security vulnerability that affects your servers is publicized.