How hard would it be to gain root access of a GNU/Linux box? Difficult (>20 character) password, updated daily, only software downloaded from official repositories.
>>57814554
Pretty sure redhat shit is still vulnerable to dirtyc0w
other than that good luck pulling a 0day out of thin air
>>57814614
>redhat shit is still vulnerable to dirtyc0w
>not knowing shit about how the kernel updates work
It depends on many factors which you didn't provide.
Who is trying to gain root access to your computer? What resources do they have? What are you running on your computer (http server, ftp server, etc)? How do you connect to the internet (wired-only, public wifi, etc)?
If you mean a random Russian hacker getting into your computer when you aren't running any internet services it's close to impossible.
>>57814667
>Who is trying to gain root access to your computer? What resources do they have?
Isn't that the whole question? In asking how hard it would be, doesn't that also imply who is capable of hacking a default linux system?
I'm not the person who came up with this and I don't know the details but it works like so
-you have to have physical access
-they have to use sudo
-they have to leave it logged in as themselves
shot in the dark but only because you didn't mention it.
you then write a script in their .bashrc or anything else like that and keep it running as a user level, once they use sudo it would be able to privilege itself. You could also potentially do this if they were stupid enough to browse websites from the server/box and a software vulnerability for the browser isn't completely out of the question.
>>57814554
Theoretically if ssh was configured correctly with fail2ban set up, then nobody should be able to even log into the system, under any user.
If they have physical access to the machine, you can pretty much consider it broken. As in all the data on that machine is on a USB.
>>57814711
So the question is "How hard would it be for the NSA to gain root access of a GNU/Linux box"? If they got a virus into an uranium enrichment facility in Iran, they can sure as shit get root on your computer. This is of course if they wanted to get into your computer in particular and were willing to expend their resources, which isn't likely/plausible because they are more interested in mass metadata.
>>57814819
They got that virus there on a Windows computer
>>57814819
>>57814960
God help us if terrorists figure out how to install gentoo.
oh it's totally easy. a toddler could do it. it's amazing the internet actually doesn't crumble apart. all those phds and 20 year career committers are actually fucking retards.
>>57814819
if nsa is your adversary you're pretty fucked. but all these theoretical situations are obviously just fun academic exercises.
>>57814554
zen and the art of hacking
http://bak.spc.org/dms/archive/rt-zen.html
http://everything2.com/title/Zen+and+the+Art+of+Hacking
>how do i prevent seal team 6 from come killing me in the middle of the night
>>57815091
>>57814554
>How hard would it be to gain root access of a GNU/Linux box?
impossible now that I'm on wayland :^)
try to listen in on the server while I type my root password
>>57814554
Try with ldd.