Storm worm gains strength

Posted Aug 31, 2007 0:57 UTC (Fri) by giraffedata (guest, #1954)
In reply to: Storm worm gains strength by tialaramex
Parent article: Storm worm gains strength

* Root privileges tend to be squashed over the network, you probably don't have any privileges on other machines directly from this account.

I guess that's true for some definitions of "directly," but none that matter. The point is that if you have root privilege, you don't need to trick someone into sending you his password. You can simply setuid() to his uid without a password.

* Root can't do the impossible. Cryptographically protected SSH keys can't be unprotected by fiat. MD5-salted-hashes can't be unwound either.

Getting someone else's login password doesn't help here either.

Storm worm gains strength

Posted Aug 31, 2007 15:13 UTC (Fri) by smoogen (subscriber, #97) [Link]

It does if you want to be able to get onto the system later. Most of the time hackers are looking for multiple ways to get back onto a system.. and while leaving backdoors is one method.. another is user passwords.. and user passwords are a lot harder to deal with in environments that do not have centralized login management.