nanog mailing list archives

Re: WashingtonPost computer security stories


From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Tue, 17 Aug 2004 10:46:27 +0100 (BST)


On Sun, 15 Aug 2004, Mikael Abrahamsson wrote:

As far as I know, there is no remotely exploitable hole in windows that
doesn't have a patch for it, nothing majorly in the wild anyway. I run my
fully patched XP laptop without firewall directly connected to the
internet all the time and the above you mention doesn't happen to me.

i'm sure there are plenty, and not just in windows. just because you dont know 
about them or theres nothing published doesnt mean it doesnt exist. the hole 
used by sapphire didnt 'exist' until sapphire infected all the open windows 
boxes within a couple hours

even with your firewall you're not safe, stuff can get through if you either 
allow it with a listening port (eg webserver) or by malicious trojan data (eg 
javascript embedded in webpage, crafted response to dns/ping/snmp/ssh/whatever)

Bad hardware and application software cause a lot more problems than 
the operating system itself. 

i think they're all major things you should include in any security assessment, 
the exact order of importance is irrelevant

Steve


Current thread: