Virus Issue 2

Andre Truter andre.truter at gmail.com
Sat Mar 26 15:34:46 UTC 2005


On Sat, 26 Mar 2005 08:08:09 -0500, Jason Straight
<jason at jeetkunedomaster.net> wrote:
> On Saturday 26 March 2005 01:53, Andre Truter wrote:
> > The problem is that people with Linux boxes are now focusing all their
> > effort on virus protection, while nobody is looking at the more
> > realistic problem of being attacked by a cracker.
> 
> Wait, you said that it wouldn't be practical for a virus writer to write a
> virus that's only going to infect a few hundred machines... But it would be
> practical for someone to spend their time instead cracking one machine at a
> time? :)
> 

Yes.  If you do it manually, you can only focus on the machines that
do have the vulnerability.  With the correct scripts you can hack
quite quickly into a vulnerable box.  A human with the correct
knowledge can do it much more efficiently than a small, undetectable
application.

Say you have 500 possible vulnerabilities out there and you have an
arsenal of scripts and tools to exploit these vulnerabilities.
You scan a machine and from the results you select the next tool or
set of tools to use.  Each tool you use gives you a better idea of
what tool to use next.  You work through a process of elimination. 
But you can use your intelligence to interpret the results and then
pick the correct tool to use next.

I suppose you can build a huge hacking system that can do this
automatically if you program the correct heuristics into it to make
the correct decision based on the results of a tool/scan.

But, to build all this into a small program that is supposed to go
around undetected is unpractical.

With Windows, when a new vulnerability is discovered, it takes long
for MS to patch it, so you have time to write a program that can
exploit this vulnerability. And once you have the program installed on
the target, the design of the OS makes it easy to do whatever you want
to.  With Windows your major hurdle is getting onto the box, from
there it is all downhill.  With Linux/UNIX your first hurdle is
getting onto the box and then the uphill battle only starts, due to
the design of the OS.

-- 
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.za.org

~ A dinosaur is a salamander designed to Mil Spec ~




More information about the ubuntu-users mailing list