Open Source and information security mailing list archives
 
Message-ID: <3702955408.1061433810@localhost>
From: pauls at utdallas.edu (Paul Schmehl)
Subject: Re: Administrivia: Testing Emergency Virus Filter..

--On Wednesday, August 20, 2003 17:37:48 -0700 "Gary E. Miller" 
<gem@...lim.com> wrote:
>
> The difference is this between a secure OS and an insecure one.
>
> On an Insecure OS, the virus gets in, glues itself on anywhere in the
> machine.  Maybe it attaches to a boot sector, maybe appends itself to
> a system file, edits registry, maybe all the above and a lot more,
> whatever.  User logs out, the virus still runs as admin or root.
>
> Some virii even have hooks to turn off personal firewalls in an insecure
> OS.
>
> On a Secure OS, the virus can only write to the (normal) user's home
> directory.  Easy to find.  Easy to delete.  Virus can not write to
> registry, boot sector, system directories, etc.  Then when the user logs
> out his processes are terminated or he is warned of something still
> running.  So virus does not continue after log out.
>
> On a secure OS, the (normal) user can not edit the personal firewall
> setting so the virus can not bypass that easily.
>
> Very secure OS can add even more restrictions on what a user can do.  Like
> prevent the user from running daemons, bots, etc...
>
> This makes a huge difference in how easy it is to be infected, how easy
> it is to detect infection and how easy to disinfect.

Now change the word "virus" to "trojan" or "rootkit", and your defense of 
*nix falls apart.  OSes aren't secure unless *people* properly configure 
them.  *Any* OS can be hacked if it's not properly maintained.

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

