Found, a new rootkit

Mike McCarty Mike.McCarty at sbcglobal.net
Fri Apr 7 17:48:43 UTC 2006


Tim wrote:
> On Tue, 2006-04-04 at 00:57 -0500, Mike McCarty wrote:
> 
>>Some systems are easier to achieve a given level of security than
>>others. MSDOS, for example, is easier to secure than Linux, since
>>unless one has done something foolish like a CTTY COM1, no one can
>>issue commands via a modem. And if no software is listening to the
>>modem, as it is not in MSDOS unless one installs such software, it
>>remains relatively secure.
> 
> 
> I don't have a single Linux box here that listens to the modem.  I'd
> have to install a service to do so.  Your MS-DOS box is no more secure
> than any of them, for that point of attack.
> 

I respectfully disagree with you on this point. Your Linux
machine has a device driver for that device, while my MSDOS
machine does not. So you *do* have software listening to
that device, which software potentially has security-compromising
defects. I have no software on my MSDOS machine which listens
to the serial port. So if I install a modem on it, it remains
relatively secure.

Again, any machine which has an external connection has
only *relative* security. My claim is that an MSDOS machine
with a modem is relatively more secure than a Linux machine
with a modem, but not that it is secure. The only real
security is physical access. For serious security, one
needs the power source as well as the computer and everything
it connects to surrounded by a Faraday cage. Video displays
can be snooped from a distance of tens of feet unless
caged.

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!



