Found, a new rootkit

John Wendel john.wendel at metnet.navy.mil
Sat Apr 8 00:26:55 UTC 2006


Mike McCarty wrote:
> Mikkel L. Ellertson wrote:
> 
>> Mike McCarty wrote:
>>
>>> Tim wrote:
>>>
>>>> I don't have a single Linux box here that listens to the modem.  I'd
>>>> have to install a service to do so.  Your MS-DOS box is no more secure
>>>> than any of them, for that point of attack.
>>>>
>>>
>>> I respectfully disagree with you on this point. Your Linux
>>> machine has a device driver for that device, while my MSDOS
>>> machine does not. So you *do* have software listening to
>>> that device, which software potentially has security compromising
>>> defects. I have no software on my MSDOS machine which listens
>>> to the serial port. So if I install a modem on it, it remains
>>> relatively secure.
>>>
>>
>> I fail to see the difference between the Linux driver for a serial
>> port, and the DOS driver for COM ports, at least as far as security
>> goes. Neither driver does anything unless there is a program
> 
> 
> You are right, in regards to the software itself. The difference
> is that MSDOS does not automatically install device drivers
> for COM ports, whereas Linux does.
> 

Linux is about having the freedom to configure your system the way you 
want it.

I always rebuild my kernel without any serial port drivers. I don't 
build any modules for devices that I don't use. You can't trigger a 
bug in code that doesn't exist!

As a positive side effect, my kernel is about 1/2 the size of a 
standard Fedora kernel and lib/modules is 10 times smaller.

Regards,

John
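
An added example, not part of the original message: one way to check that a kernel config really has no serial port drivers enabled, as described above. The function names and the two sample configs are constructed for illustration; the CONFIG_SERIAL_* symbols are standard kernel options.

```shell
#!/bin/sh
# Kernel .config syntax: enabled options read CONFIG_FOO=y (built in) or
# CONFIG_FOO=m (module); disabled ones read "# CONFIG_FOO is not set".

# Print "OPTION built-in|module" for every enabled CONFIG_SERIAL_* symbol.
# Numeric settings such as CONFIG_SERIAL_8250_NR_UARTS=32 are not drivers
# and are skipped.
serial_opts_enabled() {
    # $1: path to a kernel config file
    awk -F= '
        /^CONFIG_SERIAL_[A-Za-z0-9_]*=[ym]$/ {
            printf "%s %s\n", $1, ($2 == "y" ? "built-in" : "module")
        }' "$1"
}

# Exit status 0 only when no serial driver option is enabled.
serial_free() {
    [ -z "$(serial_opts_enabled "$1")" ]
}

# Constructed sample configs (not taken from any real Fedora kernel).
make_samples() {
    cat > "$1/stock.config" <<'EOF'
CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_CONSOLE=y
CONFIG_SERIAL_8250_NR_UARTS=32
CONFIG_SERIAL_CORE=y
CONFIG_SERIAL_JSM=m
# CONFIG_SERIAL_NONSTANDARD is not set
CONFIG_EXT3_FS=y
EOF
    cat > "$1/trimmed.config" <<'EOF'
# CONFIG_SERIAL_8250 is not set
# CONFIG_SERIAL_NONSTANDARD is not set
CONFIG_EXT3_FS=y
EOF
}

# Demo on the constructed samples.
demo_dir=$(mktemp -d)
make_samples "$demo_dir"
serial_opts_enabled "$demo_dir/stock.config"
serial_free "$demo_dir/trimmed.config" && echo "trimmed.config: no serial drivers enabled"
rm -rf "$demo_dir"
```

To audit a real build, pass the config file of the kernel in question to `serial_opts_enabled` instead of the samples.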
