Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Sep 2005
An idea to improve security, for hacked PC's
Please read it all.
The base idea is, even if someone gain acess to a root shell (ssh or not), he can't do nothing if he doesn't have access to the commands.
Then it will exist a program/script that will convert our programs in names, with many, and aleatory, characters.
our /bin/ls will be now /bin/a2bs3mc02c0b
All binaries will stay with names like that. Then the program will register the names and, automatically, create a script, per example:
#!/bin/1bv3c3g4bb (that were, before, the "bash" command, that the program had register before)
lg9sf7g77 (formerly "alias") /bin/bash=/bin/1bv3c3g4bb
lg9sf7g77 (formerly "alias") bash=1bv3c3g4bb
This for all commands.
The script will keep saved, and after we start a session, we will have to execute the script, that will have the name that we choose for it.
In this way, whos get a shell in our computer, will not have access to it, if he doesn't know the script name.
This is "security by obscurity". Seems like it would make things difficult on admins without a lot in the way of payoff.
Well, although the best defense is a tight perimeter (firewall, strong passwords etc) I guess if this needs to be a really secure server then it may be helpful. Just remember that your history of commands will be in .bash_history. Though I think that will show the aliases, and probably wouldn't be much use without the cat command