maybe a more valuable target...

Posted Jun 6, 2003 10:24 UTC (Fri) by Corvus (guest, #11677)
Parent article: Linux hacks hit all-time high (vnunet)

(Regardless of the credibility of those "statistics")

I'd say, windows boxes are not anymore worth cracking, compared to a linux
box, when you look at what can be done with the system when someone
aquired privileges.

And the main failure of a system that lets intruders in, regardless of the general
systems security degree, will always be lazy administrators refusing to protect
their sys with the latest (or at least moderately recent) versions or patches.

So if you were going to crack a system, you wont be going for those stupid
dayfly systems of deficient systems with inadequate capabilitys to do "stuff",
would you?

No, you would go for real systems.
-Systems you would be in control of what is going on, where just a list of
active processes dont require download and install of extra stuff.
-Systems you could work with like it would be your very own.
-Systems you can be sure wont be rebooted any second, doe to some internal
segfault in a kernel lib that hasnt anything to do with your cracking attempt at
all.

Am I right?

Corvus Corax

maybe a more valuable target...

Posted Jun 6, 2003 12:46 UTC (Fri) by beejaybee (guest, #1581) [Link]

Well, you're _partially_ right...

"And the main failure of a system that lets intruders in, regardless of the general systems security degree, will always be lazy administrators refusing to protect their sys with the latest (or at least moderately recent) versions or patches."

There are two bigger problems than this:

a) lazy sysadmins failing to turn off services which are not essential. If a service is disabled (or better still uninstalled) you don't have to keep it patched, nevertheless you will never be vulnerable through this service.

b) OS/applications installers and/or lazy or incompetent sysadmins who set up configuration files in a way which allows them to be modified without root privelege. A system running with insecure configurations can be penetrated even though the service software is kept fully up to date, so vulnerabilities in the software are never exposed.