New Computer? Six Steps to Safer Surfing

• Previous message (by thread): New Computer? Six Steps to Safer Surfing
• Next message (by thread): New Computer? Six Steps to Safer Surfing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 21, 2004 at 09:40:10AM +0000, Adrian Chadd wrote:

> No, wrong. Modern botnet type software can run as a non privileged user
> on most Unixes. It still has enough privilege to cause great harm.
> Spyware may require a little more privilege to be a bother.
> 

It's not snarfing passwords, it's not using raw sockets, it's not hiding
itself on the filesystem, it's not infecting or replacing binaries, it 
has limited functionality for restarting itself (cron, bash_login?), it's
trivial to clean up. 

Nobody said *nix wasn't vulnerable, it's simply less vulnerable and the
level of penetration can be severely limited.

In response to the post by Christopher Morrow, the typical *nix desktop
(should|is) not running apache, sshd, portmapper, etc. And sendmail is
installed listening only on the loopback interface from RedHat 9 onward.

The point being, you don't need a firewall. You need to turn off/remove/fix
the services that are causing the problem.

-- 
Matthew S. Hallacy                            FUBAR, LART, BOFH Certified
http://www.poptix.net                           GPG public key 0x01938203

• Previous message (by thread): New Computer? Six Steps to Safer Surfing
• Next message (by thread): New Computer? Six Steps to Safer Surfing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]