Re: DDOS attack Microsoft

From: Max Burke (mlvburke_at_%$%#@.nz)
Date: 09/16/03


Date: Tue, 16 Sep 2003 18:07:02 +1200


> Craig A. Finseth scribbled:

>> Mike Byrns wrote:

>>>> Wasn't the Worm as devised by RTM the first of its kind, and
>>>> didn't it exploit weaknesses in *nix, including the GNU Emacs
>>>> buffer overflow?
 ...
>>> The exploits were:
>>> - It took advantage of a publicized, hard-wired back door left in
>>> sendmail.

>> So how come this backdoor was written into sendmail in the first
>> place? I

> It was a debug mode.

>> thought only Microsoft products had backdoors. :-) If it was so well
>> publicized, why didn't more UNIX admins patch reconfigure it to
>> "close the door" so to speak? Do you see any parallels between this
>> and your Microsoft

> This worm was released in 1987. It was a different world then, one in
> which protecting yourself against the net was simply not a big
> concern.

Like so many OSS/Linux users/advocates claim today? That it's not a
concern for them to protect themselves from viruses, because they're
using OSS/Linux?

> As a point of fact, this worm marked the turning point after which
> people had to start protecting themselves against the network. It
> was a sad day, indeed.

>> vulnerability of the week? I mean, look, 1) it was put there on
>> purpose 2) everyone supposedly knew about it 3) nobody did squat to
>> protect themselves

> There was no reason to protect ourselves at the time.

Just like so many OSS/Linux users claim today because they're using *nix?

>> 4) it spread like wildfire or perhaps more accurately *ahem* code
>> red ;-)

> It was impressive, indeed.

>>> - It took advantage of a buffer overflow in the finger daemon.

>> So how come such a simple daemon, with so few lines of source code,
>> that had been around so long, with so many, many eyes making all
>> bugs shallow, could contain a travesty such as gets(line); rather
>> than fgets(line, sizeof(line), stdin);?

> Same reason as above: no one had gone around looking for these things
> because no one had a reason to.

I guess that's why so many OSS/Linux users like to say *nix is
inherently secure because it's *nix..... Why look for things that can't
possibly be there....

> Also, this was _before_ the open source movement got to Unix. For
> example, even though I was a Unix admin (along with other things), I
> did not have legal access to any Unix source code. The same applied
> to many others.
> If you're going to bring up historical issues, you need to analyze
> them in the context of the day.

So let's stick with today's realities in the OSS/Linux world......

FYI (repost YET AGAIN....)
Just some of last week's bugs and flaws in OSS/*nix.

FYI....
http://www.partyvibe.com/flavour/linux/security.htm
http://www.linuxsecurity.com/advisories/index.html
http://www.opennet.ru/base/linux/
http://www.securityfocus.com/news/19
http://lists.debian.org/debian-security-announce/

Linux and the virus/worm risk:
FYI
http://networking.earthweb.com/netos/article.php/625211
http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux
http://www.claymania.com/unix-viruses.html
http://www.zdnet.com.au/itmanager/technology/story/0,2000029587,20275738,00.htm
http://www.virusbtn.com/magazine/archives/200304/linux.xml

-- 
mlvburke@#%&*.net.nz
Replace the obvious with paradise to email me.
See Found Images at:
http://homepages.paradise.net.nz/~mlvburke
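
Added example, not part of the original thread: the quoted exchange above contrasts gets(line) with fgets(line, sizeof(line), stdin). The C sketch below shows the bounded read together with the truncation handling that fgets leaves to the caller; read_request_line and stream_from are hypothetical names, and the input is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not taken from any real fingerd: read one request
 * line into buf without ever writing past buf[size - 1].
 * Returns the line length, -1 on EOF or error, or -2 when the line did
 * not fit (the remainder is drained so the next read starts cleanly). */
int read_request_line(FILE *in, char *buf, size_t size)
{
    if (size < 2 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {      /* whole line was read */
        buf[--len] = '\0';
        if (len > 0 && buf[len - 1] == '\r')    /* tolerate CRLF */
            buf[--len] = '\0';
        return (int)len;
    }

    /* No newline stored: the line filled the buffer exactly, ended at EOF,
     * or was too long. Peek one character to tell these cases apart. */
    int c = getc(in);
    if (c == EOF || c == '\n')
        return (int)len;
    while ((c = getc(in)) != EOF && c != '\n')
        ;                                       /* discard the excess */
    buf[0] = '\0';
    return -2;
}

/* Constructed test input: place a string in a temporary stream. */
FILE *stream_from(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL && fputs(text, f) != EOF)
        rewind(f);
    return f;
}

int main(void)
{
    char line[8];                               /* deliberately small */
    FILE *in = stream_from("AAAAAAAAAAAAAAAAAAAAAAAA\nbob\r\n");
    if (in == NULL) return 1;
    int first = read_request_line(in, line, sizeof line);   /* too long */
    int second = read_request_line(in, line, sizeof line);  /* "bob" */
    printf("first=%d second=%d line=%s\n", first, second, line);
    fclose(in);
    return 0;
}
```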

