shellworld attacked!!!

Hi!

On Thu, 13 Dec 2001 12:04:33 +0100 (MET)
Andor Demarteau <ademarte@students.cs.uu.nl> wrote:

> Scriptkiddies you mean.

The "scriptkiddies" are the users. The people who write the
scripts are, themselves, much more talented. Most of the time
they *do* *not* use their own scripts to do damage. They just
discover a security problem, test it a couple of times, write
a script to prove that it is a real and present danger (and not
just a theoretical one) and send the whole thing to the
software company and to some security web site, such as BugTraq.

>  > The (other) sad truth is that Linux (and many other systems)
>  > are full of security problems -- and that the only way to 
>  > make big companies such as Microsoft or Sun respond quickly
>  > to security threats is to publish the scripts I just mentioned
> True, but even then MS still doesn't do anything (or at least not enough)

Actually, Microsoft usually reacts pretty quickly. The problem
is the sheer number of security problems discovered every week.
And also the fact that MS Windows is such a huge beast that one
patch may well create new security issues or even break Windows
down... This has happened recently. And the number of patches
means most administrators do not have enough time to apply them
all to all their machines -- leaving servers exposed to worms,
viruses and script kiddies.

> btw, Linux has nothing to do with Sun, mind you. Sun has their own OS named
> Solaris.

True. I was only giving Sun as an example of a big company that
was very slow to patch their security problems. Their situation
has improved somehow in the last few years, though.

>  > If you want a (Unix-like) operating system that was designed
>  > with security in mind, you should use OpenBSD (which can be 
>  > found at: http://www.openbsd.org).
> NetBSD is in this list as well.

True, but NetBSD is not designed, first and foremost, with
security in mind. OpenBSD is NetBSD + several years of
security auditing of the source code. NetBSD has got an
excellent track record, though, but its emphasis is on
portability, not security.

> Thus, a secured linux-box can be better than a nonsecure bsdbox.

That's the problem with Linux: most distributions install way too
many services on a machine.

In my opinion, a workstation should have OpenSSH enabled (for
distant administration) and not anything else.

Most Linux distributions, trying to help the beginner user, throw
in lpr, bind, Apache, FTP, telnet, NFS, etc, etc... All of which
make a machine very insecure.

Which is why BSD has a small edge over Linux in this regard: in
a BSD system you have to activate all the services you want to
run -- the rest are inactive by default, which makes the machine
a little harder to configure but much more secure by default.

> I wonder how good their security really was and what kind of 
> attack was used.

"Computer Forensics", meaning understanding what went wrong and
what the "hacker" did to the machines he/she attacked, is a very
difficult subject. Especially if a "root kit" (compromised 
binaries) was installed...

Regards,

_______________________________________________

Gil Andre -- Technical Writer -- Knox Software
            gandre@arkeia.com
_______________________________________________




