A Sys Admin's worst nightmare

Simon Wong simon at dt.net.au
Fri Apr 21 04:27:54 BST 2006


Up to date as of this morning (Firefox 1.0.8).

Thanks for the pointer though.


On Fri, 2006-04-21 at 13:10 +1000, Tate Johnson wrote:
> I wonder how up-to-date their boxes are. There was a vulnerability
> discovered in breezy where it saved the default (at time of
> installation) sudo password in a readable text file. However, it was
> fixed about a month ago so chances are they've patched it up (like any
> good network should).
> 
> http://www.ubuntuforums.org/showthread.php?t=143334 
> 
> Visit that thread for more details. Good Luck
> 
> Cheers,
> Tate
> 
> Simon Wong wrote: 
> > I have set up an Internet Cafe for a mate of mine in a far away land.
> > 
> > In what seems like a nightmare I haven't woken up from yet, he is
> > proposing a crazy marketing stunt to pull in people to the Cafe.  A
> > $1000 reward for obtaining the root password off one of the PC
> > terminals!
> > 
> > I don't even want to repeat that, I'm just trying to think of it as the
> > ultimate vote of confidence ;-)
> > 
> > Outline of the system design is:
> >       * The PCs are all running Ubuntu Breezy (as is the server).
> >       * The local user accounts are supplied via NIS from a central
> >         server (only user accts, all passwords disabled) as all
> >         authentication is done via PAM radius, back to the central
> >         server.  Yes, I know LDAP will be in v2.
> >       * IPsec secures communication between each PC and the server
> >       * There is an admin account with full root sudo access on each PC
> >         and the root password has been set the same (doesn't seem like a
> >         lot of point if "admin" has root sudo access anyway to have it
> >         different - correct me if I'm off track here)
> >       * The PC admin/root passwords do not match those on the server
> > 
> > Rules of engagement
> >       * Must be on-site and present (no at/cron jobs)
> >       * Cannot boot off anything else (of course)
> >       * Cannot change boot parameters
> >       * No malicious activity (I know, what does this mean under these
> >         circumstances?!)
> >       * They have to open a file only readable by root and report back
> >         the contents plus the root password plus the method of attack
> >       * I am going to push for this to only be for 1-2 weeks tops
> > 
> > I'd love some feedback from people on what further preps I should
> > undertake.
> > 
> > I know that sounds very open ended but should I really trust the default
> > installation to be safe enough?
> > 
> > Of course, a public system like this is always open to naughtiness but
> > legitimising it is really scary.
> > 
> > 
> >   
-- 
Simon Wong
Dependable Technologies Pty Ltd
ABN 35 108 656 131

simon at dt.net.au  | www.dt.net.au
mob 0438 609 011 | ph +61 7 3367 0847 | fax +61 7 3009 0431

* Dependable IT Solutions *
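
A defender-side check for the class of problem mentioned in the quoted reply above (an installer leaving a password in a file other local users can read), as an added example that is not part of the original thread. The key-name pattern and the demo file names are assumptions made up for illustration; pass the log directory you want to audit as the first argument.

```sh
#!/bin/sh
# Added example: list files that every local account can read and that
# contain a password-looking "key = value" line. Only paths are printed,
# never the matching line, so no secret ends up on the terminal.

# Assumed pattern; adjust to the key names your installer logs actually use.
SECRET_RE='passw(or)?d[^[:space:]]*[[:space:]]*[:=]'

# audit_readable_secrets DIR -> one path per offending file
audit_readable_secrets() {
    # -perm -004 : the "other" read bit is set (world-readable)
    # -exec grep -q ... \; acts as a filter: -print runs only on a match
    find "$1" -xdev -type f -perm -004 \
        -exec grep -Eqi -e "$SECRET_RE" {} \; -print 2>/dev/null
}

# Build a constructed demo tree (hypothetical file names and contents).
make_demo_tree() {
    demo_dir=$(mktemp -d) || return 1
    printf 'user-password = CONSTRUCTED-VALUE\n' > "$demo_dir/leaky.log"
    printf 'user-password = CONSTRUCTED-VALUE\n' > "$demo_dir/locked.log"
    printf 'partition step finished\n'           > "$demo_dir/boring.log"
    chmod 644 "$demo_dir/leaky.log" "$demo_dir/boring.log"
    chmod 600 "$demo_dir/locked.log"   # root-only: must not be reported
    printf '%s\n' "$demo_dir"
}

# With no argument, run against the constructed demo tree.
target=${1:-$(make_demo_tree)}
audit_readable_secrets "$target"
```

Any path it reports needs its mode tightened or its contents scrubbed, and the password it held should be treated as exposed and changed.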


