On Sun, 1 Sep 1996 10:09:32 -0500 (CDT), Igor Chudov @ home wrote:
Not really crypto, but related to the DOJ hack in a way.
Moscow Channel is a pretty slick, Russian news/commentary >>page. Their Web site was hacked and altered by someone who didn't seem to >>like Russians all Just a matter of time before some builds a dedicated Satan >>type tool that scans for HTTP server holes or messed up file permissions >>to make locating potential victims easy. Write your web site to a CD-ROM and hard-code the base >>directory into the webserver.
A hacker who has root can forcibly unmount the cdrom and mount >another directory on that node. Not a good solution.
Hack your system kernel to only allow mounting read-only media to that point. Most hackers wouldn't try "hot-patching" the system kernel. The ones that can probably have better things to do than hack your page. - "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said. * Home: Chris Adams <adamsc@io-online.com> | http://www.io-online.com/adamsc/adamsc.htp * Autoresponder: send email w/subject of "send resume" or "send PGPKEY" * Work: cadams@acucobol.com | V.M. (619)515-4894 | (619)689-6579 * Member in good standing of the GNU whirled hors d'oeuvre