Page 2 of 2 First 12
  • Jump to page:
    #16
  1. No Profile Picture
    Offensive Member
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2002
    Location
    in the perfect world
    Posts
    622
    Rep Power
    28
    >>Its those systems that the coders can exploit and use in DOS and other attacks.

    A denial of service attack is not OS specific. Any OS can be a target or attacker. In the most lethal form it is mainly routers that are used to perform a DDDOS.

    >>Microsoft's patching history is HORRID.

    They can't even patch their own servers. What hope do we mere mortals have?

    >>they just can't be exploited as easily most of the time.

    Code on EXACTLY how to exploit *NIX is not posted on every skript kiddies web page by radbid MS haters within minutes of the exploit being reported. Remember Blaster was for a reported exploit for which there was already a patch.
    The reason the exploits are made public is however MS's fault. Years ago MS refused to fix a critical flaw. When the flaw was published MS was forced to fix the problem.

    >>The argument that it's exploited because it's popular just doesn't have any solid ground to stand on, really

    In a way it does.

    These idiots are trying for the Warhol Virus (one that infects the 'net in 15mins).

    If you were going to write a comercial desktop app for sale but can only do so for one OS. Are you going to write it for *NIX or MAC or for the OS running on 90% of your customers PC's? Its about maximising your target audience.....

    >>There really isn't much of anything that can be done about home users opening infections unless we can get them to stop doing it

    Well before the OS allows you to send similar mail to everybody in your list WITH an attachment, it could confirm with a messagebox. Not exactly hard to do.

    Some of this stuff MS just does not want to fix. It motivates you to continue buying the new OS's (at 70%+ profit to MS)

    >>On most of my XP and 2k networks users can't install anything, or change anything.

    But this does not stop worms like Blaster. They can easily get admin access.
    The essence of Christianity is told us in the Garden of Eden history. The fruit that was forbidden was on the Tree of Knowledge. The subtext is, All the suffering you have is because you wanted to find out what was going on. You could be in the Garden of Eden if you had just kept your f***ing mouth shut and hadn't asked any questions.

    Frank Zappa
  2. #17
  3. No Profile Picture
    The Dude Abides
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Feb 2000
    Location
    grass valley,ca
    Posts
    1,062
    Rep Power
    17
    But this does not stop worms like Blaster. They can easily get admin access.
    I wasn't trying to stop viruses, just protect users from themselves - Installing stupid screensavers, spyware, and other programs that cause problems.

    For viruses I rely on firewalls, antivirus, etc. Sonicwall makes a nice firewall product that lets you disable any type of email attachment at the firewall just by specifying the extension - .pif, .exe, etc.
  4. #18
  5. An Ominous Coward
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jan 2002
    Posts
    4,425
    Rep Power
    0
    Not only that, Blaster got admin rights as incidental side effect of dumping a service running as admin. I highly doubt it actively sought to escalate privileges.
  6. #19
  7. Capt'n
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2001
    Posts
    567
    Rep Power
    16
    I work in a business now that either owns or services a great number of Kiosks in this area and most run off of Win2kpro with a Kiosk program on top of that, but when I first started here the boxes were not locked down.

    Even though the software was not "supposed" to allow people do download things, AIM, CASINO.net, and a few other programs that used explolits in MSIE caused some major headaches. The Kiosk software on several of these terminals had to run in FAT32 and would not function under NTFS meaning that locking down those boxes was impossible.

    And even on the ones that require an administrator's password, there are still some apps that some how manage to bypass that and install themselves anyway.

    Recently we switched to a Linux based OS that was designed for digital signage and Kiosk usage and the two test boxes have been running for 13 days and 23 days without a single reboot and no problems with downloads. Even if they would download stuff, its not going to work. We will be switching all of the Kiosks we own around here to the Linux based system over the next 6 months and all future kiosks will be running the Linux OS.

    As IT director, it makes my job a lot easier since if it breaks, I have to stop whatever I am doing, go out and fix the damn thing. When the Blaster Virus came along, two of our 14 kiosk got struck by it so we had to go out, swap hardrives, format and ghost the infected drives. In the future when that *#$&# comes along, I won't have to worry as much, just fix the boxes we have service contracts with.
  8. #20
  9. No Profile Picture
    Offensive Member
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2002
    Location
    in the perfect world
    Posts
    622
    Rep Power
    28
    >>When the Blaster Virus came along, two of our 14 kiosk got struck by it so we had to go out, swap hardrives, format and ghost the infected drives.

    Why?

    It takes two minutes to delete the worm from the system32 folder and find, then delete its reg entry.
    And another few minutes to download the MS patch.
    The essence of Christianity is told us in the Garden of Eden history. The fruit that was forbidden was on the Tree of Knowledge. The subtext is, All the suffering you have is because you wanted to find out what was going on. You could be in the Garden of Eden if you had just kept your f***ing mouth shut and hadn't asked any questions.

    Frank Zappa
  10. #21
  11. Capt'n
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2001
    Posts
    567
    Rep Power
    16
    Originally posted by TechNoFear
    >>When the Blaster Virus came along, two of our 14 kiosk got struck by it so we had to go out, swap hardrives, format and ghost the infected drives.

    Why?

    It takes two minutes to delete the worm from the system32 folder and find, then delete its reg entry.
    And another few minutes to download the MS patch.
    Higher up's want the drives wiped.
    Why? Because Forms just look cooler in OS X...

    Dutch, it's like German...but not!
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo