Full Disclosure mailing list archives
RE: Operating Systems Security, "Microsoft Security, baby steps"
From: Luke Scharf <lscharf () aoe vt edu>
Date: Fri, 19 Mar 2004 09:15:21 -0500
On Fri, 2004-03-19 at 01:49, Todd Burroughs wrote:
> Wasn't that something that MS tried to say, the "hackers" are reverse engineering our patches? That was funny, but the sad thing is that a lot of people will believe it.

I have no doubt that people reverse engineer their patches. However, saying "hackers ONLY reverse engineer our patches" is a lot different from saying "one possible technique for abusing a Windows system is to look for problems by reverse engineering our patches." Biiiiiiig difference. Driving while sloshed is one possible way to get hurt while driving a car, but certainly not the only way.

> What I meant is that you can most likely actually use the Internet to get patches with a fresh install before you get taken over, not that somehow UNIX-like systems make patches before the exploits are out there and being used ;-) It's quite apparent by other threads on the list that this is not generally the case with Windows. Just being patched doesn't mean that you are safe, but it's better than running well known security holes.

For the last couple of years (maybe longer?) RedHat Linux (and recently Fedora) have been shipping with a built-in firewall that is enabled by default. If you don't know it's there, then it should certainly be enabled! :-) And if you decide to turn it off, you have to at least justify the effort to run /usr/sbin/lokkit. I hear that some BSDs do something similar.

> Obviously, if you go on the Net with all services running, especially on an unpatched box, you're gonna get rooted pretty quickly.

Yup. Last I checked, Sun does it this way... Yay! Fortunately, they're a smaller target, and ppro is decent. But, it still takes me a few minutes to turn off all of the unnecessary stuff before I can begin the real work of setting up a useful system (and re-enabling anything that I actually need).

-Luke

--
Luke Scharf, Systems Administrator
Virginia Tech Aerospace and Ocean Engineering
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html