Dailydave mailing list archives
Re: The long tail of vulnerable operating systems
From: Darryl Luff <darryl () snakegully nu>
Date: Wed, 14 Nov 2007 21:25:16 +1100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So every CTF I've played recently (like the one at CSI last week) has a target set of Windows 2000 and extremely old Linux (say, RedHat 8). I'm pretty sure that on any modern network you don't find a whole lot of either of these. There's always the people who still run NT4 and SCO OpenServer, but you have to look pretty far for them. But yet, no real remote exploits exist for Fedora Core 1, much less 7. Solaris has XFS and a few other remotes, but no one runs Solaris any more except the US Government, that I can tell. Even assuming you see some Solaris or AIX or whatever, you end up being so deep in the network already to find it that you've already got all the passwords and don't need exploits. But old operating systems will continue to live forever in CTF, I assume.

I know at least three machines that were until the last year or so running Win95 or 98. And they seemed to be spotless. No sign of browser redirectors or other annoyances, and they'd been used on the Internet for years, though admittedly only on dialup. One was replaced a year or so ago with an XP machine that was within a couple of weeks infested with malware. The other two were eventually shut down still 'clean' as far as I know.

On the Linux side I know of a RedHat 6.3 machine which until about 6 months ago was a primary DNS server, running the standard RedHat distributed bind and permanently online. It was shut down 'clean' too as far as I could tell.

The moral I guess is if you're going to use old OS's, use REALLY old ones. If someone really wants to get you they will, but the mass market infectors will probably pass you by.

Where did I put that stack of OS/2 floppies?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave