| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pauls at utdallas.edu (Paul Schmehl) Subject: Re: Administrivia: Testing Emergency Virus Filter.. --On Wednesday, August 20, 2003 17:37:48 -0700 "Gary E. Miller" <gem@...lim.com> wrote: > > The difference is this between and secure OS and an insecure one. > > On an Insecure OS, the virus gets in. glues itself on anywhere in the > machine. Maybe it attaches to a boot sector, maybe appends itself to > a system file, edits registry, maybe all the above and a lot more, > whatever. User logs out, the virus still runs as admin or root. > > Some virii even have hooks to turn off personal firewalls in an insecure > OS. > > On a Secure OS, the virus can only write to the (normal) users home > directory. Easy to find. Easy to delete. Virus can not write to > registry, boot sector, system directories, etc. Then when the user logs > out his processes are terminated or he is warned of something still > running. So virus does not continue after log out. > > On a secure OS, the (normal) user can not edit the personal firewall > setting so the cirus can not bypas that easily. > > Very secure OS can add even more restrictions on what a user can do. Like > prevent the user from running daemons, bots, etc... > > The makes a huge difference in how easy it is to be infected, how easy > it is to detect infection and how easy to disinfect. Now change the word "virus" to "trojan" or "rootkit", and your defense of *nix falls apart. OSes aren't secure unless *people* properly configure them. *Any* OS can be hacked if it's not properly maintained. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu
Powered by blists - more mailing lists