Re: mud code stolen

From: Doppleganger Software (doppsoft@tzc.com)
Date: 12/03/98


>The best way to insure that your code will not be accesible to *anyone* is
>to use a Macintosh, from there up you'll deal with ever more problems
>where the unixen are in both ends (linux in one end, IRIX in the other) of
>security <--> insecurity, with the different flavors of windows right in
>the middle.

<grin>  I love hearing things like this said.  And actually, I'd place
Windows more towards the insecure end.  Why?  Programs like Back Orifice
can let a person take complete control of a Windows machine.  Heck, there
are other backdoors in Windows systems that don't even require the user
to run a program at the server end.  There was a report on it on the
local news last night.  The reporter is even considering talking to me
about Back Orifice and other security things in a follow-up story.  It
sounds strange, but it is true: The MacOS is the most secure OS on the
internet.  By default NOTHING can be accessed by people.  Even Linux has
that problem of permissions for viewing and such.  In fact, that is
probably the easiest 'exploit' out there if you run your MUD on a server
with other MUD's.  The best wat to protect yourself is to put your MUD in
a directory, and then remove all permissions on that directory except for
yourself.  That way, no one can even get in there.  Also, don't have
symbolic links into that directory.  Your home directory can be open to
others, for things like web pages, and lynx bookmarks, but always
remember to keep sensitive stuff, like code or passwords, inside that
protected directory.

>For information about specifics on security issues for unix you can check
>here, both the problems and their solutions:
>
>http://www.rootshell.com/

Good suggestion.  This site happens to be one of the best for learning
about new hacking methods and tools.  it's where I first learned about
Back Orifice...

>For windows... Well, you can never be sure with Windows... You protect
>everything and then a jerk comes up with a winnuke program and nukes you
>out the net.

WinNuke is the least of your problems on a Windows machine....Back
Orifice and other security exploits are MUCH more of a concern.  All
WinNuke can do is force you to restart the computer.  The others can take
over the computer, and completely disable it.


---
"One hundred years from now, none of this will matter because you and I
will be dead -- unless the Grim Reaper has switched his record-keeping to
a Windows 95-based system, in which case we all might live forever. "
-- Associated Press


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/15/00 PST