IWETHEY v. 0.3.0 | TODO
1,095 registered users | 1 active user | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Linux Forum / Perspective
Post #186,367
by drewk
Picture of drewk
12/7/04 10:22:44 PM
Reply
New Perspective
An unpatched kernel with theoretical holes exploitable with (typically) physical access to the box, vs a fully-patched Windows/Internet Explorer/Outlook setup that is still vulnerable to remote exploit on a near-weekly basis. I'm still way ahead of the Windows guy.

Now let's forget hypothetical and see what I've actually been unknowingly vulnerable to. According to Debian's [link|http://www.debian.org/security/2004/|Security advisories announced in 2004], there has been [link|http://www.debian.org/security/2004/dsa-514|one] known kernel exploit since May of this year. And it was for the 2.2 kernel on Sparc.

So, what was I wrong about? And what should I be admitting to the RedHat bigot with the assload of FUD?
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
Post #186,373
by broomberg
12/7/04 11:17:30 PM
Reply
New Not playing the VS windows game
This has nothing to do with how piss-poor windows is.

Nor does it have to do with physical access. You are on a network.
Are there other computers are on the network? If so, maybe they were cracked 1st so not the firewall won't help you.

Nor am I playing the "known" exploit game.

Kernel programmers found security holes. They fixed them. You didn't apply the fixes. Straight forward.
Post #186,391
by drewk
Picture of drewk
12/8/04 1:21:23 AM
Reply
New No they didn't
Kernel programmers found security holes. They fixed them. You didn't apply the fixes.
Debian practices full disclosure. If there's an update that potentially affects security, it's pushed through a [link|http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s-security-update|separate channel]. Look at '/etc/apt/sources.list' on your Debian box. You should have a line like 'deb [link|http://security.debian.org/|http://security.debian.org/] stable/updates main contrib non-free'. It is possible to configure your system to automatically install all security updates, and each patch will be the mimimum change required to fix the security issue.

Unless someone closer to the process than I am wants to contradict or clarify, there were no kernel exploits patched since May of this year that affected me.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
Post #186,426
by folkert
Picture of folkert
12/8/04 1:09:44 PM
Reply
New Correct. Since before May.
Some of the exploits were for kernels newer than yours. Some of those exploits were removed from Debian before the knowledge of it happened to show, as the affected areas were fixed by Herbert Xu.

The new Kernel Team is doing a seriously Awesome job. Besides Gentoo and Greg KH, Debian is the number one Distro with upstreaming fixes and updates.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
Post #186,378
by folkert
Picture of folkert
12/8/04 12:15:27 AM
Reply
New I was running 2.4.20 unpatched
Since the day I compiled it with Stack Smashing Protection patched compiler and Mudflap.

I had 420 days of uptime. I even dared a coupla people to try and smack knight. They tried, I saw the evidence. The worst they could do was to start a daemon run by www-data on a port I don't allow in or out... through the firewall from knight.

Ummm, yeah... kernel-hacks. Most are only if you get a local account/shell. Sure, start a telnet daemon on port 31337. See if you can connect to it. Uh, huh.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
     Need help shutting up a Windows bigot and a RedHat bigot - (drewk) - (10) - Dec. 7, 2004, 08:38:21 PM EST
         You know Greg posted it. :-) - (Another Scott) - (8) - Dec. 7, 2004, 08:51:09 PM EST
             That's probably what I remember - (drewk) - (7) - Dec. 7, 2004, 09:20:41 PM EST
                 The kernel is only one piece of the puzzle. - (Another Scott) - Dec. 7, 2004, 09:27:31 PM EST
                 The answer is to admit you are wrong - (broomberg) - (5) - Dec. 7, 2004, 09:32:32 PM EST
                     Perspective - (drewk) - (4) - Dec. 7, 2004, 10:22:44 PM EST
                         Not playing the VS windows game - (broomberg) - (2) - Dec. 7, 2004, 11:17:30 PM EST
                             No they didn't - (drewk) - (1) - Dec. 8, 2004, 01:21:23 AM EST
                                 Correct. Since before May. - (folkert) - Dec. 8, 2004, 01:09:44 PM EST
                         I was running 2.4.20 unpatched - (folkert) - Dec. 8, 2004, 12:15:27 AM EST
         Re: Need help shutting up a Windows bigot and a RedHat bigot - (Yendor) - Dec. 7, 2004, 08:53:58 PM EST

What you're selling, I do not need.
39 ms