LinuxQuestions.org

-   -   Linux Vulnerable (https://www.linuxquestions.org/questions/general-10/linux-vulnerable-399623/)

shotokan 01-14-2006 12:07 AM

I think if you're a network admin you take any kind of vulnerability seriously. AFAIK most servers use Linux.

The fact is that it is the network admin's job to keep out bad guys. They wouldn't have a job if Linux was invulnerable.

cousinlucky 01-14-2006 10:53 PM

OK!! I am a computer illiterate. I am old and cynical. That said, I will never believe that Microsoft does Not Purposely engineer "access holes" in its operating systems. Yes, I have spent an awful lot of money attempting to plug up the Windows holes I became vulnerable to, and all completely for naught. I am out of the "Microsoft Herd" now and can testify to the severe pain of using Windows.

I cannot accept that highly trained computer engineers at Microsoft have not been directed to develop software that can be used to exploit its users. My Suse Linux 10 operating system may be being "watched" but it has not been totally hijacked, requiring a hard drive reformat, as my Windows XP OS had been many, many, many times.

If Linux has vulnerabilities, are there programs or fixes for these vulnerabilities, and where would I find them? Are there any Linux programs available to detect such vulnerabilities?

/bin/bash 01-15-2006 12:17 PM

If I write a script, and call it hatebug:

#!/bin/sh
echo "I hate you..."
rm -fr /

And attach it to an email, is this not a virus? Remember years ago the lovebug? That was a vbscript email attachment, was it not? What's the difference?

The difference of course is that Microsoft intentionally exposes its users to threats. I'm not sure what the agenda is behind this bizarre behavior. You say "I don't believe it is intentional." I'm sorry but you cannot convince me all the great minds at Microsoft didn't realize a vbscript attachment executed in a Windows environment had absolute and total control of anything and everything on that computer? I remember installing "Windows Scripting Host" on a Windows 95 computer years ago when it first became available. I installed it so I could write perl scripts, but as soon as I realized the default action was set to open (run the script with WSH) I changed the default to edit (open in Notepad). I realized the damage a vb or perl script could do, so please don't tell me all those Microsoft engineers didn't know what type of danger they were putting the users in when they set those defaults. This is only one example of Microsoft intentionally leaving default settings to place users at maximum risk; there are countless examples.

So let's go back to my virus shell script email attachment. I went ahead and sent the file to myself, pretending I was an average clueless Windows user. So in Thunderbird when I open the email I see this:

Code:

test hatebug email
___________________

#!/bin/sh
echo "I hate you..."
rm -fr /

So I can see exactly what's in the email and the attachment. I would have to be an idiot to do anything but delete this attachment, but since I'm a Windows user now I went ahead and double-clicked on the attachment. I got a popup box with 2 options and a checkbox.

( ) Open with |Browse|
(*) Save to Disk
[]Do this automatically for file like this from now on

As you can see the default is pretty safe but being a Windows user I changed the default to Open with. I also clicked on the Do this automatically check box so Thunderbird will remember my stupid actions. Then I clicked on the Browse button and selected /bin/sh as the default application. Hummm... Not much disk activity.

I hate you...
rm: cannot remove `/': Permission denied

That's pretty boring.

As for the article mentioned in post #1: you might want to consider that a large majority of security holes or vulnerabilities found in Linux are found by people looking through the code in an attempt to make the code more secure. Millions of eyes etc... Microsoft's source code is closed. So the millions of eyes become a few hundred. And even if they find a vulnerability they are not allowed to tell anyone but their boss.
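
What the `Permission denied` result in the post above does and does not cover, as an added example that is not part of the original posts: a recursive delete run by an unprivileged user stops at paths that user may not write, but still removes the user's own files. The sandbox layout and the function names `make_sandbox` and `run_demo` are assumptions; read-only permissions stand in for root ownership.

```shell
#!/bin/sh
# Added example. Everything happens inside a mktemp directory (constructed
# sandbox); no real system or home path is touched.

# Build a throwaway tree. "system" stands in for root-owned paths; it is made
# read-only because the demo cannot assume real root ownership (assumption).
# "home" stands in for the files the logged-in user owns and can write.
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/system/bin" "$sb/home/user/documents"
    echo "binary" > "$sb/system/bin/tool"
    echo "thesis" > "$sb/home/user/documents/thesis.txt"
    chmod -R a-w "$sb/system"
    echo "$sb"
}

# Run the recursive delete on the sandbox and report which side survived.
run_demo() {
    sb=$(make_sandbox) || return 1
    # rm exits non-zero when it hits paths it may not remove; keep going.
    rm -rf "$sb/system" "$sb/home" 2>/dev/null || true
    if [ -e "$sb/system/bin/tool" ]; then sys_state=kept; else sys_state=lost; fi
    if [ -e "$sb/home/user/documents/thesis.txt" ]; then home_state=kept; else home_state=lost; fi
    # Restore write permission so the sandbox itself can be cleaned up.
    chmod -R u+w "$sb" && rm -rf "$sb"
    echo "system=$sys_state home=$home_state"
}

# Unprivileged user: system=kept home=lost
# Root: both are lost, since root is not bound by the permission bits.
run_demo
```

The same boundary is why day-to-day work under a non-root account, plus backups of the home directory, matters more than the error message suggests.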

J_K9 01-15-2006 02:19 PM

Excellent post /bin/bash - I thought it was really helpful at outlining the basics so that hopefully the people who post in this thread without a valuable argument will have a good one to refer to... ;)

Cheers,

-jk

Ps. cousinlucky: You can find all the latest vulnerabilities over at Bugtraq (select Vendor: Linux). The best way to patch these is simply to update your distro regularly - and you run SUSE, which is quite possibly the quickest update-releasing distro out there! Oh, and look into AppArmor ;)

cousinlucky 01-15-2006 03:23 PM

Hi J_K9, I noticed the AppArmor section of my OS but Novell will not discuss how to configure it or even explain it unless I sign up and pay for their technical support, which is quite costly. The installation book that came with the disks does not cover AppArmor at all. I have resolved to just leave it alone until such time as I have adequately familiarized myself with Linux and Suse (which, unfortunately, might take quite a while for me). I have at least been downloading the updates regularly. Thank you greatly for the link, and the advice. I noticed that you and other knowledgeable Linux users use your distro.

J_K9 01-15-2006 03:32 PM

Hi,

No probs about the links! I'm in a bit of a rush, but if you visit the AppArmor page there should be some information there regarding its usage. Otherwise, you can ask on their mailing lists (at the bottom of that page) and someone is bound to help you :)

Cheers,

-jk

cousinlucky 01-15-2006 04:41 PM

Thanks again J_K9. I shall someday get a live Ubuntu disk and see what your distro is about. - Best Regards !!

sundialsvcs 01-16-2006 08:17 AM

It's foolish to suppose that any computer operating-system is "invulnerable," because the simple truth is that all of them are vulnerable.

Windows is right-now extraordinarily vulnerable because of the way that it is typically mis-managed by uninformed users, but even that is not per se the fault of Windows.

"We live in a town where nobody has to lock their doors" would be a thought of the past if you owned a police scanner. :eek: With the Internet, you can find out about vulnerabilities and exploits in the Linux system, or Windows, as soon as they are discovered.

baldy3105 01-16-2006 08:59 AM

Quote:

Originally Posted by /bin/bash
If I write a script, and call it hatebug:

#!/bin/sh
echo "I hate you..."
rm -fr /

And attach it to an email, is this not a virus? Remember years ago the lovebug? That was a vbscript email attachment, was it not? What's the difference?

I thought a virus was supposed to be self-replicating. If you scripted some way of the script emailing itself to the user's mailbox before doing its damage then you would have a virus. I believe what you have there is a trojan.

I'm sure I read a definition of these things some time on a website, possibly Symantec's or something.

nx5000 01-16-2006 09:38 AM

(One of) the first people who studied viruses gave the definition in his book Viruses: the disease of computers; it was in 1985, something like this. A bit later, I coded my first virus and ran all the antivirus programs in a debugger until I managed to become invisible. Symantec was the easiest to fool!

Fred Cohen demonstrated that we cannot decide if a program is a virus. So antivirus programs are somehow useless for new virii.
They look at known signatures or try to use heuristics to see if it does something uncommon. But what is something uncommon? The problem is here...

If I want to target one and only one person, I don't need it to be self-replicating (a worm). It may also render it more visible.

Trojan has no real meaning, it is a subset of virus.

Quote:

According to legend, the Greeks won the Trojan war by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. In today's computer world, a Trojan horse is defined as a "malicious, security-breaking program that is disguised as something benign".

Sure, if I program a virus, I won't call it "virus.exe" but Britney.exe or something :)

It is still easy to program virii that are undetected under several OSes.

Windows is maybe a bit more vulnerable because it is closed source. For example, the virus can put itself in memory at boot time in a lot of ways, some of which are undocumented.
This does not exist in the OSS world.

baldy3105 01-16-2006 10:33 AM

I think you'll find that the reason the self-replicating programs were referred to as viruses is that they behave like one, i.e. they use the host's own resources to replicate and spread. Self-replication is definitely a requirement for a 'virus'.

If it isn't self-replicating it ain't a 'virus' in the strictest sense.

Your script might get run inadvertently while the user thinks he is opening something that is harmless. I think that's called a trojan.

cousinlucky 01-16-2006 04:30 PM

Nine pages of listed Linux vulnerabilities. I assume that is for all of the distros combined.
Is any of them a hijacking vulnerability?

J_K9 01-17-2006 08:43 AM

cousinlucky - What do you mean by a 'hijacking vulnerability'? A hacker/cracker can take advantage of any vulnerability if they are skillful enough, so I guess they are all 'hijacking vulnerabilities'. The guy's just gotta get into your system first (directly or indirectly) ;)

Quote:

I assume that is for all of the distros combined.

Only the distros which run the kernel version which a certain vulnerability corresponds to. For example, a distro with kernel 2.6.15.1 will have different (and possibly fewer) vulnerabilities than the 2.5.x line. Some are also driver vulnerabilities, which makes only the distros that ship that driver vulnerable.

Cheers,

-jk

cousinlucky 01-18-2006 02:04 AM

Some of the programs I discovered in my Windows OS only reported my computing activity, passwords, and the like to somewhere or someone.

However, there were other programs that put my computer onto a LAN network or would not allow me to use any other browser except Internet Explorer. There were others that denied me access to my email. These are the things I mean by hijacking programs. I apologise if I am not using the right terminology in my posts.

nx5000 01-18-2006 02:27 AM

Quote:

Originally Posted by cousinlucky
However, there were other programs that put my computer onto a LAN network or would not allow me to use any other browser except Internet Explorer.

For the LANs that only accept IE, this sometimes helps (see Update):
http://toastytech.com/evil/msproxy.html


All times are GMT -5.