Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    An idea to improve security, for hacked PC's

    This is an idea i had, thinking in servers security.
    Please read it all.

    The base idea is, even if someone gain acess to a root shell (ssh or not), he can't do nothing if he doesn't have access to the commands.

    Then it will exist a program/script that will convert our programs in names, with many, and aleatory, characters.

    our /bin/ls will be now /bin/a2bs3mc02c0b

    All binaries will stay with names like that. Then the program will register the names and, automatically, create a script, per example:

    #!/bin/1bv3c3g4bb (that were, before, the "bash" command, that the program had register before)
    lg9sf7g77 (formerly "alias") /bin/bash=/bin/1bv3c3g4bb
    lg9sf7g77 (formerly "alias") bash=1bv3c3g4bb

    This for all commands.

    The script will keep saved, and after we start a session, we will have to execute the script, that will have the name that we choose for it.
    In this way, whos get a shell in our computer, will not have access to it, if he doesn't know the script name.

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    This is "security by obscurity". Seems like it would make things difficult on admins without a lot in the way of payoff.

  3. #3
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Well, although the best defense is a tight perimeter (firewall, strong passwords etc) I guess if this needs to be a really secure server then it may be helpful. Just remember that your history of commands will be in .bash_history. Though I think that will show the aliases, and probably wouldn't be much use without the cat command

  4. $spacer_open
  5. #4
    ln -s /dev/null ~/.bash_history

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts