Checking Ports (Firewall)

René L. Reingard reingard at hispeed.ch
Fri Mar 25 19:56:48 UTC 2005 

thanks Andre for this deeper elaborations.
i feel much better right now riding my loptop with Ubuntu Linux.
as firewall i ru Firestarter. i do not much about that app.
how to check up all the ports of one's machine, 'cause you said ports are  
a much more interesting target for someone to attack?
or do we say: this job is done well enough by the Firestarter?

thanks for any more tricks and hints

René

+++++


Am Fri, 25 Mar 2005 21:27:48 +0200 schrieb Andre Truter  
<andre.truter at gmail.com>:

> On Fri, 25 Mar 2005 14:03:35 -0500, Jason Straight
> <jason at jeetkunedomaster.net> wrote:
>> On Thursday 24 March 2005 18:49, Andre Truter wrote:
>> > > a.) if working as a simple user, a virus attacks only a specific  
>> part of
>> > > the system? yes OR no?
>> >
>> > Yes, if you manage to get a virus, then it will only be able to work
>> > with your own files.  It cannot damage the system.
>>
>> Until the virus uses a local root exploit.
>
> Is it really practical and worth it to write a virus that can use a
> local root exploit?
> What are the chances that a box will have that exploit?
>
> Exploits are fixed relatively fast, so by the time a virus writer has
> written his virus that targets a specific exploit, most machines out
> there has already been patched.
>
> Then the virus still needs to get installed on such a vulnerable box
> and that in itself is a very difficult task for our virus, because of
> the design of the OS and most software used.
>
> With all these hurdles that the virus face, it might compromise maybe
> a few boxes.
> Now, is that time well spent for the virus writer?
>
> The virus will have a better chance if it is written to try out all
> known root exploits for the off chance that a box might still have one
> unpatched exploit.
> But this will make the virus big and complex.
> Again not very practical.
>
> It is easier to manually exploit a linux box.  You start with port
> scans to find possible targets, then you move from there and see what
> else is exploitable on such a box.
>
> That is why I say that your chances of getting atacked by a person is
> much better that geting infected by a virus.
> Linux is not a very virus-friendly environment, even if it has
> unpatched exploits.
>
> Yes, it is possible to get infected, just as it is possible to put
> wings on your car and turn it into an aeroplane.  It is just not very
> practical.
>
> At this stage viruses for Linux is more acedemic than practical and I
> think it will stay so for a very long time, except if you start to see
> really dumb Linux applications and distrobutions taking over the
> market.
> There is one distro (I forgot it's name - might be Linspire) that runs
> most stuff by default as root, even the user apps.  Now that is
> something that might end up being susceptable to virus attacks, but it
> is still less susceptable than Windows.
>



-- 
Erstellt mit Operas revolutionärem E-Mail-Modul: http://www.opera.com/m2/

More information about the ubuntu-users mailing list