Xatrix Security

[Quaon]

Since Unix is completely open sourced, and new add ons are available every day, isnt the idea of unix security irrelevant? One second there could be a hole, and the next, its fixed. Or am I mistaken?

[phiber]

does anybody remember the phf bug back from the... ninetees?
it is still out there, although some servers have it faked on purpose.

But to stay on-topic... for ex.: linux kernels lately have local privilege escalation vulnerabilities. The nature of this vulnerabilities is that they are harder to exploit, therefore... security has been tightened. Firefox is widely-used-professionally-developed software which in version 2.0.0.4 allows a malicious site to read stored passwords.

I'm sure nobody will get my 2 cents

[Quaon]

Hypothetically, if the kernal was completely protected, then wouldnt virus's have to be written for a speific computer? Like I said before, since there are a million different combinations for the different versions, wouldnt it be impossible to write a virus for any of the linux machines? Assuming the kernal is completely protected of course.

[phiber]

Like I said before, since there are a million different combinations for the different versions, wouldnt it be impossible to write a virus for any of the linux machines? Assuming the kernal is completely protected of course.

Got your point but it all comes down to what one would define as "virus".

[Quaon]

In this case, lets assume the purpose of the virus is to erase your hard drive from a remote location. On a windows it would be standard, since all the Windows users are using the exact same thing. But wouldn't a virus have to written for a specific machine if it was using Linux?

[G-Brain]

In this case, lets assume the purpose of the virus is to erase your hard drive from a remote location. On a windows it would be standard, since all the Windows users are using the exact same thing. But wouldn't a virus have to written for a specific machine if it was using Linux?

Yes it would, Unix's power and security is in it's ability to be able to be customized. - What a sentence.

[Quaon]

Would any of you smart people know how to access that information from a remote windows station? Or is that impossible/

[phiber]

you mean, like the way you could do that with malformed gif and jpegs?

[Quaon]

Im talking about knowing exactly what addons they have for their unix machine.

[muto]

Well, if they're running a unix webserver, you can often see what addons they've got. Other than that, you can't really find out much about a unix box remotly. nmap might show you what they're running.

However, although *NIX systems can be highly customized, the core of the system is always going to be simllar. The main reason for *NIX being virus free is not the fact that each install is different, but from the fact it was built with security in mind. Almost no-one runs as root, which massivly limits what a virus can do from the start, and combined with the fact that need to chmod stuff to +x before it'll even execute also helps.

THC's amap might also be useful in enumeration...