Re: New IP based security hole in Windows 2000 (yet again)
Imhotep wrote:
> Imhotep wrote:
>
>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>> Time for Linux/BSD everyone...
>>
>> Michael
>
> MS probably won't patch this as a ploy to get their "customers" to
> upgrade...shaddy bastards...
>
> -Im
M$ will patch; there are far too many businesses running Win2K to
ignore.
Re: New IP based security hole in Windows 2000 (yet again)
Quaoar wrote:
> Imhotep wrote:
>> Imhotep wrote:
>>
>>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>
>>> Time for Linux/BSD everyone...
>>>
>>> Michael
>>
>> MS probably won't patch this as a ploy to get their "customers" to
>> upgrade...shaddy bastards...
>>
>> -Im
>
> M$ will patch; there are far too many businesses running Win2K to
> ignore.
>
> Q
Maybe, but it would not surprise me, the article says that it is not
patchable, that M$ might "encourage" their "customers" to upgrade. That is
how they do business. Shaddy pr$ck$....
Re: New IP based security hole in Windows 2000 (yet again)
* Imhotep <Imhotep@nospam.com>:
> Quaoar wrote:
>
>> Imhotep wrote:
>>> Imhotep wrote:
>>>
>>>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>>
>>>> Time for Linux/BSD everyone...
>>>>
>>>> Michael
>>>
>>> MS probably won't patch this as a ploy to get their "customers" to
>>> upgrade...shaddy bastards...
>>>
>>> -Im
>>
>> M$ will patch; there are far too many businesses running Win2K to
>> ignore.
>>
>> Q
>
> Maybe, but it would not surprise me, the article says that it is not
> patchable, that M$ might "encourage" their "customers" to upgrade. That is
> how they do business. Shaddy pr$ck$....
>
> Im
Well they are in business to make money after all Imhotep. But it would
be nice if they started out with a slighty more stable and secure
system.
Re: New IP based security hole in Windows 2000 (yet again)
Imhotep wrote:
> Imhotep wrote:
>
>
>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>>Time for Linux/BSD everyone...
>>
>>Michael
>
>
> MS probably won't patch this as a ploy to get their "customers" to
> upgrade...shaddy bastards...
>
> -Im
The thing is I can't help bout wonder if this flaw isn't either the same
flaw or related to the flaw in many NIC cards that allow exploitation at
TCP/IP layer 2. Though cryptic, it sure sounds like someone figured
out how to exploit it effectively.
But thanks for the link, sure glad we left W2K behind, but I am curious
to see if flaw has a wider scope than advertised.
Re: New IP based security hole in Windows 2000 (yet again)
Winged wrote:
> Imhotep wrote:
>> Imhotep wrote:
>>
>>
>>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>
>>>Time for Linux/BSD everyone...
>>>
>>>Michael
>>
>>
>> MS probably won't patch this as a ploy to get their "customers" to
>> upgrade...shaddy bastards...
>>
>> -Im
>
> The thing is I can't help bout wonder if this flaw isn't either the same
> flaw or related to the flaw in many NIC cards that allow exploitation at
> TCP/IP layer 2. Though cryptic, it sure sounds like someone figured
> out how to exploit it effectively.
>
> But thanks for the link, sure glad we left W2K behind, but I am curious
> to see if flaw has a wider scope than advertised.
>
> Winged
It sure could be a layer 2 security hole. It could be many things, even in
layer 3, ICMP/IGMP a security hole in multicasts, etc, etc.
I sure am glad I do not user Winblows...At work we are seriously looking
into Red Hat and other technologies to get away from the Microsoft trap...
Re: New IP based security hole in Windows 2000 (yet again)
Jason wrote:
> * Imhotep <Imhotep@nospam.com>:
>> Quaoar wrote:
>>
>>> Imhotep wrote:
>>>> Imhotep wrote:
>>>>
>>>>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>>>
>>>>> Time for Linux/BSD everyone...
>>>>>
>>>>> Michael
>>>>
>>>> MS probably won't patch this as a ploy to get their "customers" to
>>>> upgrade...shaddy bastards...
>>>>
>>>> -Im
>>>
>>> M$ will patch; there are far too many businesses running Win2K to
>>> ignore.
>>>
>>> Q
>>
>> Maybe, but it would not surprise me, the article says that it is not
>> patchable, that M$ might "encourage" their "customers" to upgrade. That
>> is how they do business. Shaddy pr$ck$....
>>
>> Im
>
> Well they are in business to make money after all Imhotep. But it would
> be nice if they started out with a slighty more stable and secure
> system.
>
> Jason
They are in business to make money: fair enough. However, it is *HOW*
Microsuck goes about it, that I can not stand. I will assume you know what
I mean...
You say that like Linux has no flaws(for a better word). If I'm not
mistaken Linux has had more security patches over the last 6 months than MS
has. I actually don't see most of this stuff as flaws but more as exploits.
Crackers in a dark hole somewhere can crack anything if they hit it enough.
Even the precious Linux Kernel.
FWIW, I wish I new Linux better! :-) I'm trying though.
Re: New IP based security hole in Windows 2000 (yet again)
Jbob wrote:
> "Imhotep" <Imhotep@nospam.com> wrote in message
> news:nfwIe.51419$t43.38702@tornado.tampabay.rr.com ...
>
>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>>Time for Linux/BSD everyone...
>>
>>Michael
>
>
> You say that like Linux has no flaws(for a better word). If I'm not
> mistaken Linux has had more security patches over the last 6 months than MS
> has. I actually don't see most of this stuff as flaws but more as exploits.
> Crackers in a dark hole somewhere can crack anything if they hit it enough.
> Even the precious Linux Kernel.
>
> FWIW, I wish I new Linux better! :-) I'm trying though.
>
>
If the flaw is a level 2 flaw, there is a very high probability that
Linux and a lot of other things may be impacted though the method may
not yet be figured. The flaw I was referring to exists at the hardware
/driver level. I only figured out one exploit that took advantage of
the drivers (ping a computer with large window size, many NIC cards use
memory to pad packet window. Read returned packet pad to capture what
is in remote memory (often contains login / passwords). This method
often bypasses firewalls if the level machine allows a ping response. A
series of large ping packets often returns different memory segments).
I do know the above does work on some Linux systems as well with the
right NIC card(or wrong one depending on viewpoint). I suspect they
have found something similar to the above method that allows more
complex interaction.
While I would never say this publicly, there is a lot of very similar
code between Linux connector and the win sockets MS uses...I won't say
MS copied Linux..but is is very similar...shrugs...guess we will wait n
see.
Re: New IP based security hole in Windows 2000 (yet again)
On Fri, 5 Aug 2005 01:45:26 -0500, "Jbob" <nobody@SpamCox.net> wrote:
>"Imhotep" <Imhotep@nospam.com> wrote in message
>news:nfwIe.51419$t43.38702@tornado.tampabay.rr.co m...
>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>> Time for Linux/BSD everyone...
>>
>> Michael
>
>You say that like Linux has no flaws(for a better word). If I'm not
>mistaken Linux has had more security patches over the last 6 months than MS
>has. I actually don't see most of this stuff as flaws but more as exploits.
>Crackers in a dark hole somewhere can crack anything if they hit it enough.
>Even the precious Linux Kernel.
>
>FWIW, I wish I new Linux better! :-) I'm trying though.
Firstly, a lot of people assume that because an exploit is found in a
service or software installed on Linux, such as Apache, PHP or
Sendmail etc, that it is Linux that is as fault.
This is false.
When it comes to Linux (or other *nix based sysems), a sysadmin or
user will generally have the option of installing software/services as
they see fit.
In most cases, *you* have the choice as to what you want to install or
offer on a *nix based system.
A good sysadmin will install the minimal amount to have a system
operational.
In the case of an M$ based server, you don't always have this option
as M$ try to "incorporate" what they see as important
features/services - whether you like them or not.
Ever tried uninstalling Internet Explorer from Windows 2000, XP or
Windows 2003 Server?
Regardless of the OS, a system is only as secure as the person who
configured it that way - and even then, you can't guarantee security.
Re: New IP based security hole in Windows 2000 (yet again)
In the Usenet newsgroup alt.computer.security, in article
<kYadnTmN5-eUlm7fRVn-rw@comcast.com>, Jbob wrote:
>"Imhotep" <Imhotep@nospam.com> wrote:
>> Time for Linux/BSD everyone...
>You say that like Linux has no flaws(for a better word).
*BSD* is not Linux. The four (BSD386, FreeBSD, NetBSD, OpenBSD) are
similar in that they are like UNIX, but they are as different from one
another (and Linux) as cars from different manufacturers.
>If I'm not mistaken Linux has had more security patches over the last
>6 months than MS has.
Microsoft is trying to advertise that - yes, but oranges and tomatoes are
different. Most Linux distributions come with hundreds of applications,
but the applications are not part of the operating system. If the 200+
Linux distributors each release a patch for the same problem in a web
browser like Mozilla (one of many browsers that come with each distribution;
the one I'm using at home has seven different browsers) is that one patch
by your count, or two hundred? Or none, because it's a separate application.
Then to, most Linux distributors release patches and errata immediately,
instead of waiting to release one massive "Urgent Security Update" each
month that contain an unknown number of patches that may or may not fix
problems that have been around for a month to a year or more.
>I actually don't see most of this stuff as flaws but more as exploits.
>Crackers in a dark hole somewhere can crack anything if they hit it enough.
That's a recent kernel source file - 46.7 Megabyte compressed, about
four million lines of C code. The applications are separate. The average
distribution includes another 2,500 Megabytes compressed of the source
code for the applications. So the crackers have something like 250
million lines of the sources - and they can't find stuff to crack in
that? Microsoft has never released the entire source for the O/S or any
application, and we have this huge business in anti-virus, anti-worm,
anti-trojan, anti-spyware programs for windoze - why?
>Even the precious Linux Kernel.
It's been tried. The advantage is that everyone can see the source, and
anyone seeing a problem can either fix it themselves, or tell the world
about it, so that someone else can fix it. Looking at the ChangeLog file
for the 2.6.12 kernel, I see 423 different people from around the world who
supplied changes. Most bug fixes are available in hours, though the Intel
'F00F' bug in 1997 took seven days (and microsoft has never bothered to fix
because it was a hardware bug - google for it).
>FWIW, I wish I new Linux better! :-) I'm trying though.
But as noted above, Linux isn't the only game in town, though the "popular"
distributions like Fedora, Mandriva and SuSE try to make it a lot more
newbie friendly than the *BSDs.
Re: New IP based security hole in Windows 2000 (yet again)
"Moe Trin" <ibuprofin@painkiller.example.tld> wrote in message
news:slrndf7fco.99v.ibuprofin@compton.phx.az.us...
>
> *BSD* is not Linux. The four (BSD386, FreeBSD, NetBSD, OpenBSD) are
> similar in that they are like UNIX, but they are as different from one
> another (and Linux) as cars from different manufacturers.
Agreed but I was mainly referring to Linux
>
>>If I'm not mistaken Linux has had more security patches over the last
>>6 months than MS has.
>
> Microsoft is trying to advertise that - yes, but oranges and tomatoes are
> different. Most Linux distributions come with hundreds of applications,
> but the applications are not part of the operating system. If the 200+
> Linux distributors each release a patch for the same problem in a web
> browser like Mozilla (one of many browsers that come with each
> distribution;
> the one I'm using at home has seven different browsers) is that one patch
> by your count, or two hundred? Or none, because it's a separate
> application.
Perhaps but I didn't read this stuff from MS. And besides what use is any
Linux Disto without the extra apps that come with the kernel?
>
> Then to, most Linux distributors release patches and errata immediately,
> instead of waiting to release one massive "Urgent Security Update" each
> month that contain an unknown number of patches that may or may not fix
> problems that have been around for a month to a year or more.
>
Again my issue is with flaws/exploits/etc and not how quickly they are
patched.
>>I actually don't see most of this stuff as flaws but more as exploits.
>>Crackers in a dark hole somewhere can crack anything if they hit it
>>enough.
>
> -rw-rw-r-- 1 admin admin 46713120 Jul 15 21:57 linux-2.6.12.3.tar.gz
>
> That's a recent kernel source file - 46.7 Megabyte compressed, about
> four million lines of C code. The applications are separate. The average
> distribution includes another 2,500 Megabytes compressed of the source
> code for the applications. So the crackers have something like 250
> million lines of the sources - and they can't find stuff to crack in
> that? Microsoft has never released the entire source for the O/S or any
> application, and we have this huge business in anti-virus, anti-worm,
> anti-trojan, anti-spyware programs for windoze - why?
>
>>Even the precious Linux Kernel.
>
> It's been tried. The advantage is that everyone can see the source, and
> anyone seeing a problem can either fix it themselves, or tell the world
> about it, so that someone else can fix it. Looking at the ChangeLog file
> for the 2.6.12 kernel, I see 423 different people from around the world
> who
> supplied changes. Most bug fixes are available in hours, though the Intel
> 'F00F' bug in 1997 took seven days (and microsoft has never bothered to
> fix
> because it was a hardware bug - google for it).
>
Believe what you will. I just think if Linux was the main game in town it
would be targeted much more than it is now and we'd be seeing even more
serious indications of failures. It is my perspective that as long as a
cracker is looking, someone is gonna find something to exploit whether it be
MS or Linux or even Cisco IOS. lol
I already am trying distros of Mandrake/Mandriva and Redhat/Fedora. I have
tried Redhat from 7.1 and am now trying FC4. Also have Ubuntu and Knoppix
to try. I just find it hard to make the switch. Just seems so hard to load
anything outside of a web update for me. Just need to spend more time with
it. Thanks for the links though.
>
> Old guy
Re: New IP based security hole in Windows 2000 (yet again)
In the Usenet newsgroup alt.computer.security, in article
<yeKdnfx1l8BRb27fRVn-oA@comcast.com>, Jbob wrote:
>Agreed but I was mainly referring to Linux
Yes, but the O/P mentioned both as alternatives.
>Perhaps but I didn't read this stuff from MS. And besides what use is any
>Linux Disto without the extra apps that come with the kernel?
What was the use of MS-DOS versions 1 thru 6.22? What about Windoze 3.1?
No applications at all, and only a few support programs.
Below, you mention you are trying FC 4. Boot that, and watch as it does.
First you see the boot loader - GRUB (from the FSF) which is not Linux. It's
used to load any thing, including windoze, *nix, *BSD - you name it.
Then you see the kernel load and start - that's Linux. Next, you see a
splash screen. and you run through starting up the various services. Only
a small portion of that (serial drivers, network, firewall) is part of
Linux. The rest is from the distributor (Red Hat in this case) or third
parties. The 'libraries' that are used by the kernel - are not part of
it. Nearly everyone is using 'glibc2' (GNU C Library version 2), but
there are some who use others, like the Intel libraries.
Booting to a command line? That's GNU Bash - not part of the kernel. Using
a GUI? Well, the first thing is the X server (XFree or in your case X Org)
then some window manager (the default on FC is GNOME - others use KDE)
exactly none of which is part of Linux, because they run on any *nix that
runs a window manager. You are running applications - like some browser,
a mail tool, a news tool... if the names begin with a K, they're most
likely part of KDE. Other stuff is GNOME. How much Linux have you seen?
I run X to give me lots of terminals to type in - there isn't an icon to
be seen on my desktop. But the commands I'm using?
Each one of those lines is considered one command. The first line looks to
see how many commands are in my PATH - 1302. The next line shows how many
commands my shell remembers me using. The next line parses those 1000
commands I've just used, and breaks them down into components - that line
actually has seven commands cascaded to do something useful - and then sorts
things out to see how many _different_ commands there are in use. So, of
the 1300 commands on this system, I've used just 78, over and over (and I
think you can see I have a bit of experience doing this). Use the 'man'
command (start with 'man man' to get the man page on the man pages) to see
what those commands are doing. The point of all this? Not one of those
1300 commands is part of Linux. Nearly all are free versions that mimic the
commands originally created by Bell Labs when they created UNIX 35+ years
ago. More commands came from the various universities - but are still not
part of any single O/S.
>> most Linux distributors release patches and errata immediately, instead
>> of waiting to release one massive "Urgent Security Update" each month
>> that contain an unknown number of patches
>Again my issue is with flaws/exploits/etc and not how quickly they are
>patched.
My response was "many" patches - there were some 300 errata over the life
of Red Hat 9 for example - compared to a blob that contains an unknown
number of patches.
>Believe what you will. I just think if Linux was the main game in town it
>would be targeted much more than it is now and we'd be seeing even more
>serious indications of failures.
Most of the servers you use on the net are not windoze - they are one or
another of the *nix. The routers? Surely you don't think that stuff
would be running windoze. Why are the crackers going after windoze?
They like easy targets that often have big payoffs.
>It is my perspective that as long as a cracker is looking, someone is
>gonna find something to exploit whether it be MS or Linux or even Cisco
>IOS. lol
Well, hopefully, you have learned to use a "user account" in Linux, rather
than 'root'. If so, you've already prevented about 3/4 of the possible
cracks. Why? You don't have permission to do anything to the system. You
don't need it, except for system maintenance, and a lot of that has been
automated for you. You notice that ALL of the browsers available outside
of windoze don't assume you have the intelligence of a rock, and don't
try to auto-install, auto-open, auto-infect your system. Honestly,
another major reason we don't have the virus/trojan/worm/spyware problem
so prevalent in windoze is that this stuff is harder, and you need people
who can actually think. Windoze doesn't need that.
>I already am trying distros of Mandrake/Mandriva and Redhat/Fedora. I have
>tried Redhat from 7.1 and am now trying FC4. Also have Ubuntu and Knoppix
>to try. I just find it hard to make the switch.
Understandable. This stuff _is_ different.
>Just seems so hard to load anything outside of a web update for me.
That's semi-intentional, and an artifact about the origins of the
operating system. *nix was maintained by the IT staff, the people who
had training and experience. When I started with UNIX many years ago, I
went six months without knowing who the 'root' was. It was about 18
months before I got the rough equivalent of a sudo account, that allowed
me to shutdown the systems, mount/umount (not a typo) hard disks and
tapes. It was 6 months MORE before I got a root account - call it two
years after I started. Even so, I was absolutely terrified that I was
going to fumble finger something, and have the system come crashing
down about my ears, and have several hundred users after my head. Today,
root is the first account you got.
>Just need to spend more time with it. Thanks for the links though.
Installing software is fairly easy, thanks to the package managers like
rpm, YUM, aptget, dpkg, YAST, and so on. Until you are comfortable, you
should limit yourself to packages supplied by your distributor. As you
gain experience, you can try packages from other sources (not all are
compatible, and that's part of the learning process). And you can really
get gutsy, and install stuff from tarballs - that you have to configure
the Makefile first (often done automagically), then 'make' (which does
the compiling) and 'make install' which installs the executables.
Take your time - learn what you are doing, and things will work out fine.
Re: New IP based security hole in Windows 2000 (yet again)
Jbob wrote:
> "Imhotep" <Imhotep@nospam.com> wrote in message
> news:nfwIe.51419$t43.38702@tornado.tampabay.rr.com ...
>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>> Time for Linux/BSD everyone...
>>
>> Michael
>
> You say that like Linux has no flaws(for a better word). If I'm not
> mistaken Linux has had more security patches over the last 6 months than
> MS
> has.
OK hold it right there...do you actually read the patches? How many are from
linux vs third party apps. Take that number ad compare to the number of
windows patches...then we will talk.
> I actually don't see most of this stuff as flaws but more as
> exploits. Crackers in a dark hole somewhere can crack anything if they hit
> it enough. Even the precious Linux Kernel.
>
> FWIW, I wish I new Linux better! :-) I'm trying though.
Learn there are plenty of classes and online info...
Re: New IP based security hole in Windows 2000 (yet again)
Moe Trin wrote:
> In the Usenet newsgroup alt.computer.security, in article
> <kYadnTmN5-eUlm7fRVn-rw@comcast.com>, Jbob wrote:
>
>>"Imhotep" <Imhotep@nospam.com> wrote:
>
>>> Time for Linux/BSD everyone...
>
>>You say that like Linux has no flaws(for a better word).
>
> *BSD* is not Linux. The four (BSD386, FreeBSD, NetBSD, OpenBSD) are
> similar in that they are like UNIX, but they are as different from one
> another (and Linux) as cars from different manufacturers.
>
>>If I'm not mistaken Linux has had more security patches over the last
>>6 months than MS has.
>
> Microsoft is trying to advertise that - yes, but oranges and tomatoes are
> different. Most Linux distributions come with hundreds of applications,
> but the applications are not part of the operating system. If the 200+
> Linux distributors each release a patch for the same problem in a web
> browser like Mozilla (one of many browsers that come with each
> distribution; the one I'm using at home has seven different browsers) is
> that one patch by your count, or two hundred? Or none, because it's a
> separate application.
>
> Then to, most Linux distributors release patches and errata immediately,
> instead of waiting to release one massive "Urgent Security Update" each
> month that contain an unknown number of patches that may or may not fix
> problems that have been around for a month to a year or more.
>
>>I actually don't see most of this stuff as flaws but more as exploits.
>>Crackers in a dark hole somewhere can crack anything if they hit it
>>enough.
>
> -rw-rw-r-- 1 admin admin 46713120 Jul 15 21:57 linux-2.6.12.3.tar.gz
>
> That's a recent kernel source file - 46.7 Megabyte compressed, about
> four million lines of C code. The applications are separate. The average
> distribution includes another 2,500 Megabytes compressed of the source
> code for the applications. So the crackers have something like 250
> million lines of the sources - and they can't find stuff to crack in
> that? Microsoft has never released the entire source for the O/S or any
> application, and we have this huge business in anti-virus, anti-worm,
> anti-trojan, anti-spyware programs for windoze - why?
>
>>Even the precious Linux Kernel.
>
> It's been tried. The advantage is that everyone can see the source, and
> anyone seeing a problem can either fix it themselves, or tell the world
> about it, so that someone else can fix it. Looking at the ChangeLog file
> for the 2.6.12 kernel, I see 423 different people from around the world
> who
> supplied changes. Most bug fixes are available in hours, though the Intel
> 'F00F' bug in 1997 took seven days (and microsoft has never bothered to
> fix because it was a hardware bug - google for it).
>
>>FWIW, I wish I new Linux better! :-) I'm trying though.
>
> http://ibiblio.org/pub/linux/docs/HOWTO/
> http://en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html
>
> http://tldp.org/guides.html
> http://ibiblio.org/pub/linux/docs/linux-doc-project/
>
> http://www.distrowatch.com/
>
> http://distro.ibiblio.org/pub/linux/distributions/
>
> But as noted above, Linux isn't the only game in town, though the
> "popular" distributions like Fedora, Mandriva and SuSE try to make it a
> lot more newbie friendly than the *BSDs.
>
> Old guy
Re: New IP based security hole in Windows 2000 (yet again)
Moe Trin wrote:
> In the Usenet newsgroup alt.computer.security, in article
> <yeKdnfx1l8BRb27fRVn-oA@comcast.com>, Jbob wrote:
>
>>Agreed but I was mainly referring to Linux
>
> Yes, but the O/P mentioned both as alternatives.
>
>>Perhaps but I didn't read this stuff from MS. And besides what use is any
>>Linux Disto without the extra apps that come with the kernel?
>
> What was the use of MS-DOS versions 1 thru 6.22? What about Windoze 3.1?
> No applications at all, and only a few support programs.
>
> Below, you mention you are trying FC 4. Boot that, and watch as it does.
> First you see the boot loader - GRUB (from the FSF) which is not Linux.
> It's used to load any thing, including windoze, *nix, *BSD - you name it.
>
> Then you see the kernel load and start - that's Linux. Next, you see a
> splash screen. and you run through starting up the various services. Only
> a small portion of that (serial drivers, network, firewall) is part of
> Linux. The rest is from the distributor (Red Hat in this case) or third
> parties. The 'libraries' that are used by the kernel - are not part of
> it. Nearly everyone is using 'glibc2' (GNU C Library version 2), but
> there are some who use others, like the Intel libraries.
>
> Booting to a command line? That's GNU Bash - not part of the kernel. Using
> a GUI? Well, the first thing is the X server (XFree or in your case X
> Org) then some window manager (the default on FC is GNOME - others use
> KDE) exactly none of which is part of Linux, because they run on any *nix
> that
> runs a window manager. You are running applications - like some browser,
> a mail tool, a news tool... if the names begin with a K, they're most
> likely part of KDE. Other stuff is GNOME. How much Linux have you seen?
> I run X to give me lots of terminals to type in - there isn't an icon to
> be seen on my desktop. But the commands I'm using?
>
> [compton ~]$ ls `echo $PATH | tr ':' ' '` | egrep -vc '(:|^$)'
> 1302
> [compton ~]$ echo $HISTSIZE
> 1000
> [compton ~]$ history | sed 's/^......//' | tr '|' '\n' | sed 's/^ *//' |
> [cut
> -d' ' -f1 | sort -u | wc -l
> 78
> [compton ~]$
>
> Each one of those lines is considered one command. The first line looks to
> see how many commands are in my PATH - 1302. The next line shows how many
> commands my shell remembers me using. The next line parses those 1000
> commands I've just used, and breaks them down into components - that line
> actually has seven commands cascaded to do something useful - and then
> sorts
> things out to see how many _different_ commands there are in use. So, of
> the 1300 commands on this system, I've used just 78, over and over (and I
> think you can see I have a bit of experience doing this). Use the 'man'
> command (start with 'man man' to get the man page on the man pages) to see
> what those commands are doing. The point of all this? Not one of those
> 1300 commands is part of Linux. Nearly all are free versions that mimic
> the commands originally created by Bell Labs when they created UNIX 35+
> years ago. More commands came from the various universities - but are
> still not part of any single O/S.
>
>>> most Linux distributors release patches and errata immediately, instead
>>> of waiting to release one massive "Urgent Security Update" each month
>>> that contain an unknown number of patches
>
>>Again my issue is with flaws/exploits/etc and not how quickly they are
>>patched.
>
> My response was "many" patches - there were some 300 errata over the life
> of Red Hat 9 for example - compared to a blob that contains an unknown
> number of patches.
>
>>Believe what you will. I just think if Linux was the main game in town it
>>would be targeted much more than it is now and we'd be seeing even more
>>serious indications of failures.
>
> Most of the servers you use on the net are not windoze - they are one or
> another of the *nix. The routers? Surely you don't think that stuff
> would be running windoze. Why are the crackers going after windoze?
> They like easy targets that often have big payoffs.
>
>>It is my perspective that as long as a cracker is looking, someone is
>>gonna find something to exploit whether it be MS or Linux or even Cisco
>>IOS. lol
>
> Well, hopefully, you have learned to use a "user account" in Linux, rather
> than 'root'. If so, you've already prevented about 3/4 of the possible
> cracks. Why? You don't have permission to do anything to the system. You
> don't need it, except for system maintenance, and a lot of that has been
> automated for you. You notice that ALL of the browsers available outside
> of windoze don't assume you have the intelligence of a rock, and don't
> try to auto-install, auto-open, auto-infect your system. Honestly,
> another major reason we don't have the virus/trojan/worm/spyware problem
> so prevalent in windoze is that this stuff is harder, and you need people
> who can actually think. Windoze doesn't need that.
>
>>I already am trying distros of Mandrake/Mandriva and Redhat/Fedora. I
>>have
>>tried Redhat from 7.1 and am now trying FC4. Also have Ubuntu and Knoppix
>>to try. I just find it hard to make the switch.
>
> Understandable. This stuff _is_ different.
>
>>Just seems so hard to load anything outside of a web update for me.
>
> That's semi-intentional, and an artifact about the origins of the
> operating system. *nix was maintained by the IT staff, the people who
> had training and experience. When I started with UNIX many years ago, I
> went six months without knowing who the 'root' was. It was about 18
> months before I got the rough equivalent of a sudo account, that allowed
> me to shutdown the systems, mount/umount (not a typo) hard disks and
> tapes. It was 6 months MORE before I got a root account - call it two
> years after I started. Even so, I was absolutely terrified that I was
> going to fumble finger something, and have the system come crashing
> down about my ears, and have several hundred users after my head. Today,
> root is the first account you got.
>
>>Just need to spend more time with it. Thanks for the links though.
>
> Installing software is fairly easy, thanks to the package managers like
> rpm, YUM, aptget, dpkg, YAST, and so on. Until you are comfortable, you
> should limit yourself to packages supplied by your distributor. As you
> gain experience, you can try packages from other sources (not all are
> compatible, and that's part of the learning process). And you can really
> get gutsy, and install stuff from tarballs - that you have to configure
> the Makefile first (often done automagically), then 'make' (which does
> the compiling) and 'make install' which installs the executables.
> Take your time - learn what you are doing, and things will work out fine.
>
> Old guy
...Again very nice put. Maybe we should call you Professor Old Guy???
Re: New IP based security hole in Windows 2000 (yet again)
On Fri, 5 Aug 2005 01:45:26 -0500, in alt.computer.security , "Jbob"
<nobody@SpamCox.net> in <kYadnTmN5-eUlm7fRVn-rw@comcast.com> wrote:
>"Imhotep" <Imhotep@nospam.com> wrote in message
>news:nfwIe.51419$t43.38702@tornado.tampabay.rr.co m...
>> http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>
>> Time for Linux/BSD everyone...
>>
>> Michael
>
>You say that like Linux has no flaws(for a better word). If I'm not
>mistaken Linux has had more security patches over the last 6 months than MS
>has. I actually don't see most of this stuff as flaws but more as exploits.
>Crackers in a dark hole somewhere can crack anything if they hit it enough.
>Even the precious Linux Kernel.
>
>FWIW, I wish I new Linux better! :-) I'm trying though.
>
I can't see how number of security patches tell us anything about the
security of a system. Tracking the number of known security holes fix
over time would tell us something as would the length of time from
discovery to getting fixed. The trend line would give us an indication
of the number of bugs as yet undiscovered or fixed.
--
Matt Silberstein
And now our bodies are oh so close and tight
It never felt so good, it never felt so right
And we're glowing like the metal on the edge of a knife
C'mon! Hold on tight!
C'mon! Hold on tight!
Though it's cold and lonley in the deep dark night
I can see paradise by the dashboard light
Paradise by the dashboard light
And now our bodies are oh so close and tight
It never felt so good, it never felt so right
And we're glowing like the metal on the edge of a knife
C'mon! Hold on tight!
C'mon! Hold on tight!
Though it's cold and lonley in the deep dark night
I can see paradise by the dashboard light
Paradise by the dashboard light
Re: New IP based security hole in Windows 2000 (yet again)
Imhotep wrote:
> Matt Silberstein wrote:
>
>
>>On Thu, 04 Aug 2005 22:01:55 GMT, in alt.computer.security , Imhotep
>><Imhotep@nospam.com> in
>><nfwIe.51419$t43.38702@tornado.tampabay.rr.com > wrote:
>>
>>
>>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>
>>>Time for Linux/BSD everyone...
>>>
>>
>>Is this flaw the one exploited by the current worm in the news?
>>
>>http://www.cnn.com/2005/TECH/interne...orm/index.html
>>
>>
>>
>
>
> The worm uses the PnP security hole...which is fixed by one of the
> patches...
Yup...Seems a number of news organizations got hit hard, including CNN..
Re: New IP based security hole in Windows 2000 (yet again)
Imhotep <Imhotep@nospam.com> wrote in
news:uSLMe.35972$dJ5.20409@tornado.tampabay.rr.com :
> Matt Silberstein wrote:
>
>> On Thu, 04 Aug 2005 22:01:55 GMT, in alt.computer.security ,
>> Imhotep <Imhotep@nospam.com> in
>> <nfwIe.51419$t43.38702@tornado.tampabay.rr.com> wrote:
>>
>>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>
>>>Time for Linux/BSD everyone...
>>>
>> Is this flaw the one exploited by the current worm in the news?
>>
>> http://www.cnn.com/2005/TECH/interne...ter.worm/index.
>> html
>>
>>
>>
>
> The worm uses the PnP security hole...which is fixed by one of
> the patches...
....but, more importantly, it attacks via ports 139 and 445. Not
having these open on Internet connections and a firewall would've
helped.
Re: New IP based security hole in Windows 2000 (yet again)
McSpreader wrote:
> Imhotep <Imhotep@nospam.com> wrote in
> news:uSLMe.35972$dJ5.20409@tornado.tampabay.rr.com :
>
>> Matt Silberstein wrote:
>>
>>> On Thu, 04 Aug 2005 22:01:55 GMT, in alt.computer.security ,
>>> Imhotep <Imhotep@nospam.com> in
>>> <nfwIe.51419$t43.38702@tornado.tampabay.rr.com> wrote:
>>>
>>>>http://www.vnunet.com/vnunet/news/21...2000-wide-open
>>>>
>>>>Time for Linux/BSD everyone...
>>>>
>>> Is this flaw the one exploited by the current worm in the news?
>>>
>>> http://www.cnn.com/2005/TECH/interne...ter.worm/index.
>>> html
>>>
>>>
>>>
>>
>> The worm uses the PnP security hole...which is fixed by one of
>> the patches...
>
> ...but, more importantly, it attacks via ports 139 and 445. Not
> having these open on Internet connections and a firewall would've
> helped.
....some of the variants are getting into companies and from there infecting
everything (most internal security within companies are quite bad). What is
making it worse is the fact that many companies allow local administrator.
People download all sorts of crap. Some of the variants are being
"packaged" as a trojan.
Yet another good reason to ditch Microsoft and it's crapware.
Re: New IP based security hole in Windows 2000 (yet again)
"Imhotep" <Imhotep@nospam.com> wrote in message
news:uSLMe.35972$dJ5.20409@tornado.tampabay.rr.com ...
>
> The worm uses the PnP security hole...which is fixed by one of the
> patches...
Actually it's a UPnP security hole. UPnP and PnP are two different things.
Re: New IP based security hole in Windows 2000 (yet again)
Jbob wrote:
> "Imhotep" <Imhotep@nospam.com> wrote in message
> news:uSLMe.35972$dJ5.20409@tornado.tampabay.rr.com ...
>>
>> The worm uses the PnP security hole...which is fixed by one of the
>> patches...
>
> Actually it's a UPnP security hole. UPnP and PnP are two different
> things.
Re: New IP based security hole in Windows 2000 (yet again)
Jbob wrote:
> "Imhotep" <Imhotep@nospam.com> wrote in message
> news:uSLMe.35972$dJ5.20409@tornado.tampabay.rr.com ...
>
>>The worm uses the PnP security hole...which is fixed by one of the
>>patches...
>
>
> Actually it's a UPnP security hole. UPnP and PnP are two different things.
>
>
Steve Gibson www.grc.com has been warning bout this for years...though
took a long time...Has a tool or reghack just to turn off those
services. Never had an impact in any of my evirons however I have heard
of some networks that use functionality.
Winged
Re: New IP based security hole in Windows 2000 (yet again)
"Jim Watt" <jimwatt@aol.no_way> wrote in message
news:iu9bg1ta26oirktef3jmh12o3kn3u6870h@4ax.com...
> On Thu, 18 Aug 2005 17:14:08 -0500, "Jbob" <nobody@SpamCox.net> wrote:
>
>>Among other things!
>
> Like spyware and Ddos attacks :)
>
> I guess this week some users wished thay had
> unplugged and prayed.
> --
> Jim Watt
> http://www.gibnet.com
Re: New IP based security hole in Windows 2000 (yet again)
Winged wrote:
> Jbob wrote:
>
<SNIP>
> Steve Gibson www.grc.com has been warning bout this for years...though
> took a long time...Has a tool or reghack just to turn off those
> services. Never had an impact in any of my evirons however I have heard
> of some networks that use functionality.
> Winged
Yup, in 2001! Here's the link to Steve's "UnPlug 'N Play"
New IP based security hole in Windows 2000 (yet again) 