Re: No new posts...did you all get wiped out with the new windows worm?



non,

First, let's define some terms. I think of "Linux kernel, Ubuntu distro" in
the same way I think of "Windows kernel, Windows distro". It just happens
that in the latter case, the name of the foundation, and the name of the
architect/builder of the structure upon it, have the same name. One must
differentiate between a "kernel" vulnerability, and a "distro"
vulnerability.

As for the "kernel", Google "linux kernel vulnerabilities". Then search on
"windows kernel vulnerabilities". I think there were several windows-kernel
vulnerabilities in 2008, discovered by researchers and corrected before
exploitation (unless someone didn't apply the patch). Most kernel
vulnerabilities, Linux or Windows, are ones of "privilege elevation", where
the attacker gets "super-user" status in the kernel.

One of Linux's greatest vulnerabilities is that people don't think it has any.
Avast!, AVG, Avira, ClamAV, Eset, F-Secure, Panda, Sophos, and Symantec all
make AV products for Linux systems. They're not spending the R&D money
because there is no need.

You can find the Ubuntu-reported USN-list and associated CVE-numbers at
http://www.ubuntu.com/usn
You will note that the list is long, and encompasses many CVE reports, some
kernel-related, some distro-related. There is a link there to sign up for
their ubuntu-security-announce mailing list. I assume there are similar
sites for RedHat and other Distros.

The Common Vulnerabilities and Exposures (CVE) site is at
http://cve.mitre.org/

The National Vulnerability Database and CyberAlert System is at
http://nvd.nist.gov/

The Computer Emergency Readiness Team (CERT) is at
http://www.us-cert.gov/cas/alldocs.html

Most of them have mailing/notification lists.

A good summary of Linux-kernel vulnerabilities and partial list is at
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
There are references and links there that may provide more assistance in
research.

The popular myth is that core-Linux is not susceptible to attacks. That is
simply false. Its architecture makes it as vulnerable as either Mac or
Windows to compromise. It is up to the Distro, or to the user, to provide
the architectures to secure their implementation of Linux.

I do not have one single commercial customer running a Linux-based system
without a security product of one flavor or another. The days of flying only
friendly skies, or of staying under the enemy radar, are over.

Allan

--
One asks, many answer, all learn -- Plato, on the 'Forum
---
True civility is when every one gives to every other one every right
that they claim for themselves.

"nonlinear warper" <non@xxxxxxxxxxx> wrote in message
news:gvCdnYbxntloKu7UnZ2dnUVZ_jWdnZ2d@xxxxxxxxxxxxxxx
On Sat, 17 Jan 2009 16:55:01 -0500, Allan Smith wrote:


Then there is reduced cause for worry. There are only about a thousand
pieces of malware that target Linux, less for Macs.

Low-profile targets. ;-)

Allan

I'm interested to know which malware targets the linux kernel and which
versions and/or distributions. Do you have a reference for that data
that you could point me to?

Thanks.

