OT -- For those Apple fanatics out there

Welcome to the real world... You finally have a large enough user base
that someone is willing to write a virus for your security
loopholes... Congratulations...

http://www.cnn.com/2006/TECH/04/30/a....ap/index.html

Not that I would be one to rub it in though... <evil-grin>

--
N581 -- AA5A -- AXH
http://www.narcosis-republic.us

In article <5nqb5296jtqpm1at4d8nmabc8dqqrc8qrf@4ax.com>, Grumman-581
<grumman581@DIE-SPAMMER-SCUM-gmail.com> wrote:

€ Welcome to the real world... You finally have a large enough user base
€ that someone is willing to write a virus for your security
€ loopholes... Congratulations...
€
€ http://www.cnn.com/2006/TECH/04/30/a....ap/index.html
€
€ Not that I would be one to rub it in though... <evil-grin>
€
€ --
€ N581 -- AA5A -- AXH
€ http://www.narcosis-republic.us



(actually, I'm more concerned about the fundamental problem in X11 than
I am about a virus that only works if you're dumb enough to open up
permissions on a particular directory).

On Thu, 04 May 2006 07:40:27 -0700, Alan Street
<agstreet@nonono_san.rr.com> wrote:

> (actually, I'm more concerned about the fundamental problem in X11 than
> I am about a virus that only works if you're dumb enough to open up
> permissions on a particular directory).

Hell, it you're going to limit viruses to only the ones where user
stupidity is not involved, that probably knocks out most of them...
Especially all the ones produced by all the script kiddies these
days... Ahhh, for the good ole days when to write a virus, you needed
to be able to program in the native assembly language of your target
machine and know the internals of said machine... Thank you MSFT for
making it so easy for even idiots to be able to write a virus these
days...

Thus spake Grumman-581 <grumman581@DIE-SPAMMER-SCUM-gmail.com> :

>On Thu, 04 May 2006 07:40:27 -0700, Alan Street
><agstreet@nonono_san.rr.com> wrote:
>
>> (actually, I'm more concerned about the fundamental problem in X11 than
>> I am about a virus that only works if you're dumb enough to open up
>> permissions on a particular directory).
>
>Hell, it you're going to limit viruses to only the ones where user
>stupidity is not involved, that probably knocks out most of them...
>Especially all the ones produced by all the script kiddies these
>days... Ahhh, for the good ole days when to write a virus, you needed
>to be able to program in the native assembly language of your target
>machine and know the internals of said machine... Thank you MSFT for
>making it so easy for even idiots to be able to write a virus these
>days...

Go to DEFCON this year if you want to meet skiddies and posuers. The
few really good hackers are people I know and fear. But we get along
pretty good because they know I run a Linux firewall and have Linux
running on a few boxes at home as well as on a laptop. Most "real"
hackers have a grudging respect for anyone who cares to run Linux (or
most *nix for that matter). It's the criminals that I fear, but most
of them are skiddies or are interested in more money than they can get
from me.

As far as X11 is concerned, those problems have been known for years
and years and are basically accepted as a price you pay (but not
enjoyed). VUE has such huge holes in it that nobody uses it anymore.
What's more disturbing is to find ftp or telnet available on a system
that has no reason to have it. Or finding ftp or telnet on ANY
system. Or any of the r services. SSH 2 is your friend.
--
dillon

I didn't climb to the top of the
food chain to become a vegetarian.

In article <nbbs521vt7r082uod5sso7olgscf44vcur@4ax.com>, Dillon Pyron
<dmpyronINVALID@austin.rr.com> wrote:

€ Thus spake Grumman-581 <grumman581@DIE-SPAMMER-SCUM-gmail.com> :
€
€ >On Thu, 04 May 2006 07:40:27 -0700, Alan Street
€ ><agstreet@nonono_san.rr.com> wrote:
€ >
€ >> (actually, I'm more concerned about the fundamental problem in X11 than
€ >> I am about a virus that only works if you're dumb enough to open up
€ >> permissions on a particular directory).
€ >
€ >Hell, it you're going to limit viruses to only the ones where user
€ >stupidity is not involved, that probably knocks out most of them...
€ >Especially all the ones produced by all the script kiddies these
€ >days... Ahhh, for the good ole days when to write a virus, you needed
€ >to be able to program in the native assembly language of your target
€ >machine and know the internals of said machine... Thank you MSFT for
€ >making it so easy for even idiots to be able to write a virus these
€ >days...
€
€ Go to DEFCON this year if you want to meet skiddies and posuers. The
€ few really good hackers are people I know and fear.

John Viega?

But we get along
€ pretty good because they know I run a Linux firewall and have Linux
€ running on a few boxes at home as well as on a laptop. Most "real"
€ hackers have a grudging respect for anyone who cares to run Linux (or
€ most *nix for that matter). It's the criminals that I fear, but most
€ of them are skiddies or are interested in more money than they can get
€ from me.
€
€ As far as X11 is concerned, those problems have been known for years
€ and years and are basically accepted as a price you pay (but not
€ enjoyed). VUE has such huge holes in it that nobody uses it anymore.
€ What's more disturbing is to find ftp or telnet available on a system
€ that has no reason to have it. Or finding ftp or telnet on ANY
€ system. Or any of the r services. SSH 2 is your friend.

Our IT people preach this constantly to anyone who will listen.

Thus spake Alan Street <agstreet@nonono_san.rr.com> :

>In article <nbbs521vt7r082uod5sso7olgscf44vcur@4ax.com>, Dillon Pyron
><dmpyronINVALID@austin.rr.com> wrote:
>
>€ Thus spake Grumman-581 <grumman581@DIE-SPAMMER-SCUM-gmail.com> :
>€
>€ >On Thu, 04 May 2006 07:40:27 -0700, Alan Street
>€ ><agstreet@nonono_san.rr.com> wrote:
>€ >
>€ >> (actually, I'm more concerned about the fundamental problem in X11 than
>€ >> I am about a virus that only works if you're dumb enough to open up
>€ >> permissions on a particular directory).
>€ >
>€ >Hell, it you're going to limit viruses to only the ones where user
>€ >stupidity is not involved, that probably knocks out most of them...
>€ >Especially all the ones produced by all the script kiddies these
>€ >days... Ahhh, for the good ole days when to write a virus, you needed
>€ >to be able to program in the native assembly language of your target
>€ >machine and know the internals of said machine... Thank you MSFT for
>€ >making it so easy for even idiots to be able to write a virus these
>€ >days...
>€
>€ Go to DEFCON this year if you want to meet skiddies and posuers. The
>€ few really good hackers are people I know and fear.
>
>John Viega?
>
>But we get along
>€ pretty good because they know I run a Linux firewall and have Linux
>€ running on a few boxes at home as well as on a laptop. Most "real"
>€ hackers have a grudging respect for anyone who cares to run Linux (or
>€ most *nix for that matter). It's the criminals that I fear, but most
>€ of them are skiddies or are interested in more money than they can get
>€ from me.
>€
>€ As far as X11 is concerned, those problems have been known for years
>€ and years and are basically accepted as a price you pay (but not
>€ enjoyed). VUE has such huge holes in it that nobody uses it anymore.
>€ What's more disturbing is to find ftp or telnet available on a system
>€ that has no reason to have it. Or finding ftp or telnet on ANY
>€ system. Or any of the r services. SSH 2 is your friend.
>
>Our IT people preach this constantly to anyone who will listen.

I a) wipe them out of inetd.conf b) rename the executables to
something else and make them nonexecutable c) alias the various ssh
commands to the r names and d) run a nightly sweep of all the systems
looking for rogue copies of the programs. Of course, something like
telnet doesn't work without an open port at the other end, but I don't
want to encourage using it out in the wild. If there's a specific
defined need for telnet or ftp to the outside, I have ONE system that
has this and people can only log into the machine when I let them.

tcpwrappers is also my friend.
--
dillon

I didn't climb to the top of the
food chain to become a vegetarian.