On Wed, Jul 27, 2005 at 12:08:00PM +0200, Andre Venter wrote:
There are obvious possibilities with Netcat if used incorrectly, if this is the company Security Policy then I would imagine that there are examples of a running system in your organization where Netcat has been removed. Also anything with a dependancy on netcat will cease to function correctly.
This is just retarded. Netcat is about as harmful as Vim. If you remove Netcat you might as well nab Vim and Emacs too. That way when you get hacked they don't have anything to mod system files or deface the web servers. This is assuming they are the only two text editors you have installed. I don't allow any others on my server. If you can't do it in Emacs or Vim, you're not qualified to do it. While you're doing this you may want to remove find too. That's very dangerouse, heh, defaced a few things using find to nab what I wanted in a shell script. If you really want to lock a server down, open YAST and apply the security updates, then use it to mod the firewall. After that use it again to lock down the security policy on the server in question. Removing it is just stupid.
----- Original Message ----- From: "Henning Hucke"
To: Sent: Wednesday, July 27, 2005 10:03 AM Subject: [suse-security] Re: removing netcat On Wed, 27 Jul 2005, Michel Messerschmidt wrote:
The reason they decided to remove netcat is that they "found" out netcat is hacker's tool via a google search :-).
IIRC some popular virus scanners even warn(ed) about netcat being a "remote access tool" or "unwanted program" :-)
They figure all customers are idiots.
You mean the ones which are programmed by the same people who are so paranoid that they think that every muslim is a terrorist? :-|
netcat is a "knife" with which you can "cut" error sources but also can "kill" servers; which certainly happens much more often than any other usage (sigh!). Bad bad Baaaaad! %-|
Better take out Nmap too. Just because it tells you if you have any services listening doesn't mean you can't be naughty.
This world is going mad these days which is very hard for someone who stays normal a little bit longer that most others...
Regards from the still normal Henning Hucke
PS: Honestly I would refuse to remove "netcat". Honestly I would easily recommend to remove Yast which I rate as being a much bigger threat to the working safety of a Linux installation than netcat.
YAST is the best admin tool I've ever seen or used. I'm wondering just how it is you think it's a threat in any nature other than "What you leave on the server, you leave for an attacker who roots you to use". Is it because they have a tool to mod the system with as opposed to using /etc to do the same thing?
It is a profitable thing, if one is wise, to seem foolish. -- Aeschylus
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here