12-08-2003, 16:47
#73
Quote:
Originally posted by DeadKenny
All it requires is an unpatched server (web, ftp, telnet, etc), a buffer overflow and privilege elevation to root and they're in. They can cause as much damage as they want.
Don't kid yourselves that linux is secure. It's not. Just that few people have "got it in" for linux.
|
Sure, if you're lax in your updates, run as root all the time, don't check for root kits and leave ports wide open then you are screwed. However all the servers you mentioned are turned off initially and if you wanted to turn them on you had better know what you're doing. If not then you're incompetent or lazy and who cares.
Linux is more inherently secure than the other leading OS, mostly because of the security models used. MS sets up their systems to fully integrate into their not so secure infrastructure such as Windows Update; their programs are riddled with bugs that they have no intention of fixing and hides the running services that can be compromised such as Messenger and allows a user to have administrative privileges.
It also supports the script kiddies' favorite language - VB.
This is not to say that Linux does not have its own problems, the difference is that these exploits are much, much harder to implement especially against a user who has a clue about security. Also when an exploit is discovered it is patched as rapidly as possible. You can also install SE Linux, which promptly deals with the script kiddies, the so-called L33T hackers and quite a few of the competent ones, at the possible expense of opening your system up to the NSA :-)
Quote:
I use linux, unix and windows systems, and no matter what I always look out for the latest patches. I'd be a fool to just sit there with a smug "ah, I'm okay I use linux" attitude. Of all things I concentrate very carefully on Apache patches as that's the one thing exposed to the outside world on my system.
|
And who has the largest number of patches, not including the 150 linux distros which MS loves to factor in on its FUD? And in regard to Apache (given that it mainly runs on Linux), how many patches vs IIS? AIRC the last major exploit was discovered about 18 months ago and had a working patch released within hours.
Quote:
And has everyone ensured they've got the ICMP patch for their linux based routers? Very few people know about that one and many assume a dedicated linux router/firewall is rock solid and never needs patching, yet this will open their entire network up.
|
We use a Borderware firewall based off BSD; there's a reward of $100,000 for the person who cracks it. If you fancy your luck just say :-)
Regards,
Ben