General Security Questions

Discussion in 'Web Design and Development' started by SC68Cal, May 3, 2006.

  1. SC68Cal macrumors 68000

    Joined:
    Feb 23, 2006
    #1
    Hey everyone, I was just reading a whitepaper on securing OS X, and that got me thinking. How likely is a home user to be attacked? I currently have a webserver in my dorm that is only able to be accessed by people inside of the Temple network.

    But regardless, I only allow HTTP requests, SSH shell logins, iTunes sharing, and windows file sharing. I'm slightly concerned about the windows file sharing (because it's windows, and we all know anything with windows in it has to have a hole somewhere) but frankly the permissions only allow public read, and no write cababilities.

    Are most of the security threats based on user error? meaning that a program or virus is installed?

    I guess the best way to find out if my security is tight is go find some script kiddies and get their scripts that they (didn't) write and attempt to do some cracking against my dorm computer. I'm already looking into some SSH v1 exploits, because my dorm computer I believe allows SSH 1 connections.

    Sorry for the stream-of-consciousness of this post. It basically boils down to how likely am I to get attacked, and what is the most that they can do.

    Basically, if I lock down my SSH (if not outright disable it) and only allow HTTP, how badly can I be attacked? I mean, I guess the worst is a DNS attack (but basically I can stop that by changing the apache config)?

    EDIT: Links for my own reference
    http://users.tkk.fi/~kalyytik/hacker/ssh-crc32-exploit_Korpinen_Lyytikainen.html#3.1 First incidents
    http://www.macgeekery.com/tips/security/basic_mac_os_x_security
    http://www.zone-h.org/en/index
     
  2. savar macrumors 68000

    savar

    Joined:
    Jun 6, 2003
    Location:
    District of Columbia
    #2
    Well in a literal sense, yes most breaches are based on user error, because there are rarely widespread exploits which don't already have patches released.

    The most common scenario is either a naive user clicking their way into executing something malicious.

    Second most common is people running scripts which scan consecutive IP addresses and look for open ports. Open ports generally have either defined or common services associated with them. Sophisticated scanning software, like nmap, can make a really good guess about what OS is running based on which ports are open and how they respond. Once a cracker thinks he knows what OS you're running, he looks it up in an exploit database and tries to find matching exploits. He'll then run each matching exploit until he either gets in or they all fail.

    The latter scenario is probably not terribly common. Although there are lots of people out there portscanning, there aren't a whole lot of easy, unpatched vulnerabilities. I've heard of the SSH1 you mentioned but I'm not terribly worried about it. If you're doing anything notable with your website, though, then your machine might become a target for attack. The sad truth is that really good security is way too complex for even sophisticated end users...just keep installing the patches as they come out and lock down all services you don't use.
     
  3. SC68Cal thread starter macrumors 68000

    Joined:
    Feb 23, 2006
    #3
    Thank you for your input, it is much appreciated. Okay, so worst case scenario: I get attacked and they deface my website. All I do is restore it from a backup and move on with my life right?
     
  4. savar macrumors 68000

    savar

    Joined:
    Jun 6, 2003
    Location:
    District of Columbia
    #4
    Yeah I overlooked your comment about running a web server. Are you using any CGIs or DBMS (like mySQL)?
     
  5. SC68Cal thread starter macrumors 68000

    Joined:
    Feb 23, 2006
    #5
    Lord no. I'm just cutting my teeth on client-side Javascripts. I'm not even into server-side Javascript or JSP or ASP, which I have books for sitting on my bookshelf that are waiting for finals to be over to read.

    Frankly, most of my hosting needs never have been above simple HTML, even when I had a small web development busniess.

    Honestly, my biggest achievement in fantastical web development was using Fireworks to batch generate a picture gallery for our club website @ www.templepaintball.com
     
  6. Lollypop macrumors 6502a

    Lollypop

    Joined:
    Sep 13, 2004
    Location:
    Johannesburg, South Africa
    #6
    I think with what your doing and the security measures on the macGeekery page you should be pretty safe. If you dont plan on using SSH disable it, or at least force it to SSH v2 and use a different port.

    Just one thing, you mention itunes shareing and windows sharing, just make sure that you use some sort of undescriptive name for the shares. I had my powerbook at my university and during a security course the students scanned the subnet, while I was pretty confident they couldnt get into my mac I neglected to remove my name from the itunes share, the bastards found it and because I was their tutor at that stage they scanned the living crap out of my powerbook. No harm, but it was a pretty humiliating and stupid mistake. I got back at them when I marked their finals! LOL
     
  7. SC68Cal thread starter macrumors 68000

    Joined:
    Feb 23, 2006
    #7
    So they basically set up a mini-DOS (Denial of Service) attack on you? That's pretty funny.
     
  8. Lollypop macrumors 6502a

    Lollypop

    Joined:
    Sep 13, 2004
    Location:
    Johannesburg, South Africa
    #8
    They tried, but didnt get far. The class was rather fast pased and the lecturer moved on to other stuff very fast, so it was a mini-DOS of 2 minutes!
     

Share This Page