Re: New IP based security hole in Windows 2000 (yet again)

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 08/06/05


Date: Fri, 05 Aug 2005 22:04:30 -0500

In the Usenet newsgroup alt.computer.security, in article
<yeKdnfx1l8BRb27fRVn-oA@comcast.com>, Jbob wrote:

>Agreed but I was mainly referring to Linux

Yes, but the O/P mentioned both as alternatives.

>Perhaps but I didn't read this stuff from MS. And besides what use is any
>Linux Distro without the extra apps that come with the kernel?

What was the use of MS-DOS versions 1 thru 6.22? What about Windoze 3.1?
No applications at all, and only a few support programs.

Below, you mention you are trying FC 4. Boot that, and watch as it does.
First you see the boot loader - GRUB (from the FSF) which is not Linux. It's
used to load anything, including windoze, *nix, *BSD - you name it.

Then you see the kernel load and start - that's Linux. Next, you see a
splash screen, and you run through starting up the various services. Only
a small portion of that (serial drivers, network, firewall) is part of
Linux. The rest is from the distributor (Red Hat in this case) or third
parties. The 'libraries' that are used by the kernel - are not part of
it. Nearly everyone is using 'glibc2' (GNU C Library version 2), but
there are some who use others, like the Intel libraries.

Booting to a command line? That's GNU Bash - not part of the kernel. Using
a GUI? Well, the first thing is the X server (XFree or in your case X Org)
then some window manager (the default on FC is GNOME - others use KDE)
exactly none of which is part of Linux, because they run on any *nix that
runs a window manager. You are running applications - like some browser,
a mail tool, a news tool... if the names begin with a K, they're most
likely part of KDE. Other stuff is GNOME. How much Linux have you seen?
I run X to give me lots of terminals to type in - there isn't an icon to
be seen on my desktop. But the commands I'm using?

[compton ~]$ ls `echo $PATH | tr ':' ' '` | egrep -vc '(:|^$)'
1302
[compton ~]$ echo $HISTSIZE
1000
[compton ~]$ history | sed 's/^......//' | tr '|' '\n' | sed 's/^ *//' | cut -d' ' -f1 | sort -u | wc -l
     78
[compton ~]$

Each one of those lines is considered one command. The first line looks to
see how many commands are in my PATH - 1302. The next line shows how many
commands my shell remembers me using. The next line parses those 1000
commands I've just used, and breaks them down into components - that line
actually has seven commands cascaded to do something useful - and then sorts
things out to see how many _different_ commands there are in use. So, of
the 1300 commands on this system, I've used just 78, over and over (and I
think you can see I have a bit of experience doing this). Use the 'man'
command (start with 'man man' to get the man page on the man pages) to see
what those commands are doing. The point of all this? Not one of those
1300 commands is part of Linux. Nearly all are free versions that mimic the
commands originally created by Bell Labs when they created UNIX 35+ years
ago. More commands came from the various universities - but are still not
part of any single O/S.

>> most Linux distributors release patches and errata immediately, instead
>> of waiting to release one massive "Urgent Security Update" each month
>> that contain an unknown number of patches

>Again my issue is with flaws/exploits/etc and not how quickly they are
>patched.

My response was "many" patches - there were some 300 errata over the life
of Red Hat 9 for example - compared to a blob that contains an unknown
number of patches.

>Believe what you will. I just think if Linux was the main game in town it
>would be targeted much more than it is now and we'd be seeing even more
>serious indications of failures.

Most of the servers you use on the net are not windoze - they are one or
another of the *nix. The routers? Surely you don't think that stuff
would be running windoze. Why are the crackers going after windoze?
They like easy targets that often have big payoffs.

>It is my perspective that as long as a cracker is looking, someone is
>gonna find something to exploit whether it be MS or Linux or even Cisco
>IOS. lol

Well, hopefully, you have learned to use a "user account" in Linux, rather
than 'root'. If so, you've already prevented about 3/4 of the possible
cracks. Why? You don't have permission to do anything to the system. You
don't need it, except for system maintenance, and a lot of that has been
automated for you. You notice that ALL of the browsers available outside
of windoze don't assume you have the intelligence of a rock, and don't
try to auto-install, auto-open, auto-infect your system. Honestly,
another major reason we don't have the virus/trojan/worm/spyware problem
so prevalent in windoze is that this stuff is harder, and you need people
who can actually think. Windoze doesn't need that.

>I already am trying distros of Mandrake/Mandriva and Redhat/Fedora. I have
>tried Redhat from 7.1 and am now trying FC4. Also have Ubuntu and Knoppix
>to try. I just find it hard to make the switch.

Understandable. This stuff _is_ different.

>Just seems so hard to load anything outside of a web update for me.

That's semi-intentional, and an artifact about the origins of the
operating system. *nix was maintained by the IT staff, the people who
had training and experience. When I started with UNIX many years ago, I
went six months without knowing who the 'root' was. It was about 18
months before I got the rough equivalent of a sudo account, that allowed
me to shutdown the systems, mount/umount (not a typo) hard disks and
tapes. It was 6 months MORE before I got a root account - call it two
years after I started. Even so, I was absolutely terrified that I was
going to fumble finger something, and have the system come crashing
down about my ears, and have several hundred users after my head. Today,
root is the first account you got.

>Just need to spend more time with it. Thanks for the links though.

Installing software is fairly easy, thanks to the package managers like
rpm, YUM, apt-get, dpkg, YAST, and so on. Until you are comfortable, you
should limit yourself to packages supplied by your distributor. As you
gain experience, you can try packages from other sources (not all are
compatible, and that's part of the learning process). And you can really
get gutsy, and install stuff from tarballs - that you have to configure
the Makefile first (often done automagically), then 'make' (which does
the compiling) and 'make install' which installs the executables.
Take your time - learn what you are doing, and things will work out fine.

        Old guy
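
The two counts from the terminal session in the post above, as shell functions. This is an added example, not part of the original post; the function names and the sample history are constructed here. It goes slightly beyond the one-liners: a name shadowed in several PATH directories is counted once, non-executable files are skipped, commands after ';' and '&&' are counted, and the stray quote fragments left by splitting on a quoted '|' are dropped.

```shell
#!/bin/sh
# Added example (not from the original post); names and sample data are constructed.

# Count distinct executable names reachable through a PATH-style string ($1).
# Missing directories and empty PATH elements are skipped.
count_path_commands() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r dir; do
        [ -d "$dir" ] || continue
        for f in "$dir"/*; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\n' "${f##*/}"      # basename only, so duplicates collapse
            fi
        done
    done | sort -u | wc -l | tr -d ' '
}

# Count distinct command names in `history` output read from stdin.
# This is a rough split, like the original pipeline: it does not parse quoting,
# so a separator inside quotes still splits the line. The grep keeps only
# tokens that look like command names, which drops the resulting fragments.
count_distinct_commands() {
    sed -e 's/^ *[0-9][0-9]*\*\{0,1\} *//' |   # strip the history number field
        tr '|;&' '\n\n\n' |                    # one pipeline stage per line
        sed -e 's/^ *//' |
        cut -d' ' -f1 |
        grep -E '^[A-Za-z0-9_./+-]+$' |
        sort -u | wc -l | tr -d ' '
}

# Constructed sample in the format `history` prints.
SAMPLE_HISTORY='  501  ls -l /etc | grep conf
  502  cd /tmp; ls
  503  history | sed "s/^......//" | tr "|" "\n" | sort -u | wc -l
  504  man man
  505  grep -c root /etc/passwd && echo done'

echo "commands in PATH:      $(count_path_commands "$PATH")"
echo "distinct in sample:    $(printf '%s\n' "$SAMPLE_HISTORY" | count_distinct_commands)"
```

In an interactive shell, feed the second function from the `history` builtin itself: `history | count_distinct_commands`.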


