- TalkBack 9 of 14:
- Next »
- « Previous
- Thread View
- Flat View
- Rootkit as unprivileged user? Unpatched machine.
-
Installing a rootkit, from an account belonging to an unprivileged user, requires that the machine have a vulnerability which, unfortunately, has remained unpatched. Most modern installations of operating systems allow a choice of manual or automatic patching, so relatively few excuses exist for an ordinary user being able to bring a machine under his/her control with a rootkit. This applies just as much to Windows as to any of the Unixes.
Now, weak passwords over SSL are very, very silly, too. And there are sufficient nasty little payloads out there running, even as I write, to seek out such accounts. The last brute-force attempt on my house gateway server was only six hours ago -- there were many attempts on the root password, and many login attempts to either well-known account names or random names, even my own.
My desktop is XP, my house gateway is Linux (latest CentOS distribution). Both are automatically patched (except for Helix server and Zope on the Linux box), and I'm happy with the services running on the machines. Frankly, I would feel equally as secure these days running Windows on the gateway machine: but I run Linux on the gateway because it's just so much easier to access it from a variety of platforms (via console SSH, X over SSH, or web interface; from Windows, Unixes or Symbian OS), and perform both administrative tasks and read or manage my email and websites. - Posted by: 4:2:2 Posted on: 07/25/06 You are currently: a Guest | Members login | Terms of Use
Casting a suspicious eye
Chad_z | 07/24/06
|
exactly what they'd have to do with Windows
voska | 07/24/06
|
well our linux server just got hacked
stevey_d | 07/24/06
|
You know that what you said did not happen...
michael_t | 07/24/06
|
|
I'd say your being nieve
voska | 07/25/06
|
|
I am dissapointed, as I thought U could think a little prior to reply.
michael_t | 07/25/06
|
|
Not Linux' fault; admin/user to blame here
buran | 07/24/06
|
|
I find that running ssh on
swoopee | 07/25/06
|
|
Rootkit as unprivileged user? Unpatched machine.
4:2:2 | 07/25/06
|
|
Pretty suspect scenario
TripleII | 12/13/06
|
More "reasons" to switch to Vista 
michael_t | 07/24/06
|
|
yeah and still yet
not of this world | 07/24/06
|
|
I'd like to see them sue under the DMCA
buran | 07/24/06
|
|
RE: Beware of ransomware, firm warns
elt10@... | 08/14/08
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- New College Durham Attracts New Students With Robust IT Infrastructure Delivered With the Help of Dell Professional Services Dell When New College Durham received funding from the Learning Skills Council ... Download Now
- MessageStats Version 6.5.1 ScriptLogic MessageStats allows you to: Justify expenses on Exchange ... Download Now
- July 7th: The Virtual Presenter's Series: Start Right! Design Right!P resent Right! Citrix Online Presenting online is a completely different ballgame from presenting in ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
