IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Re: I don't buy it. Here's why.
Fine, but UNIX must have an unidentified hole to do a root exploit. There are very few of these on vendor UNIX, and it seems to me (although I don't pay close attention) on Linux with proper care. UNIX holes are rapidly plugged when they appear. If root access on UNIX were easy or common, it would not be DoS attacks, but file attacks, that were common.

Linux also does not seem particularly vulnerable to root exploits. I notice only a few a year, and usually from folkert.

Windows of course, should just be renamed "OS Admin".
-drl
New Why "unidentified"?

\r\nYou know that's silly. Most boxes, for one reason or another, are insufficiently firewalled, patched, locked down, etc.\r\n

\r\n

\r\nAn identified and exploited hole will do fine.\r\n

\r\n

\r\nDoS attacks are extremely common:\r\n

\r\n

\r\n[link|http://www.internetnews.com/bus-news/article.php/773341|internetnews.com article]\r\n

\r\n

\r\n4,000 attacks a week. Sure, half only lasted 10 minutes or less, but that still means that there were 2,000 attacks of 10 minutes or more.\r\n

\r\n

\r\nPeter's Rules Of The Internet:\r\n

\r\n
    \r\n
  1. The remote root exploit you know about is less worrisome than the one you don't know about.
  2. \r\n
  3. You're not locked down enough to prevent a sufficiently determined and skilled intruder gaining entry to your system
  4. \r\n
  5. Once you get past the noddy stage of systems administration, the operating system of the host system is irrelevant. See (2).
  6. \r\n
  7. To resolve 2, you should take the computer, disconnect its network cable, place it (the computer) in a strong steel box, lock the box, place the box in a safe, lock the safe, affix a large sign that clearly says "CONTAINS LIVE TIGERS" to it, take the safe out to sea, drop it in the Marianas Trench, scuttle the boat, kill everyone involved and then yourself.
  8. \r\n
\r\n

\r\nThe computer is now sufficiently secure to keep anyone out.\r\n



Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home Page - Now with added Zing!]
New Re: Why "unidentified"?
Well, I'm giving UNIX admins credit for patching their machines quickly and staying on top of issues. I don't think this is unjustified, because we just don't hear of large scale UNIX exploits.

(RE your link: does this include simple port scans?)
-drl
New Look
raw socket access has existed for years in OS/2 w/ rexx and the internal security model is in some ways even weaker than Windows (warp is still a single user system, though we hope to do something with that in the near future). We haven't had huge problems... because that's not really the central issue. The central issue is not raw socket access; the real issue is that one can beat win32 into submission a lot easier because of amateur coding stupidities like buffer overruns.

As Pete said... look at (slammer, code red, nimda, virus du jour)... no raw socket access required to do nasy things.

Fortunately for us, some years back IBM put in the underlying architecture to build a completely secure system (it's called SES; Security Enabling Services) which will allow us to build a solid multiuser version of the system... the problem is they never followed up with the requisite system infrastructure.
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
     Why Windows sucks, in 3 words - (deSitter) - (7)
         Utter guff - (pwhysall) - (6)
             Re: Utter guff - (deSitter) - (5)
                 I don't buy it. Here's why. - (pwhysall) - (4)
                     Re: I don't buy it. Here's why. - (deSitter) - (3)
                         Why "unidentified"? - (pwhysall) - (2)
                             Re: Why "unidentified"? - (deSitter) - (1)
                                 Look - (jake123)

A source of annoying catchphrases now.
48 ms