elektronisch
2[H]4U
- Joined
- Mar 22, 2004
- Messages
- 2,305
Let me know when it comes through a browser and elevates itself to root where it can actually do system-wide damage.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
you're an ass if you run irc as root anyway.
To bad SELinux is stupidly complicated to set up. First thing I do on my installs is disable it. Then again this is on my personal server.
It doesn't matter if the trojan got onto the machine because of a flaw with linux or with the program.
Linux, Windows nor Mac can prevent a user from downloading a trojan and running it. This is not a hack or any representation against the OS's security and the package was not delivered by the distro or community.
...
3) Another reason that the Windows version was not touched is how many people really run IRC servers on Windows boxes let alone a IRCd server that has its roots in Linux? So why hack the code for a version that might be used 50 times when you can hack the code (eaiser i might add because of #2) for a version that might be used 1,000 times?
Pretty much the definition of why 99% of exploits target windows (install base).
-scheherazade
p.s. Where is the edit button? Seriously, I'm blind or something...
I don't buy it. I doubt he's gotten any responses from Linux users who go out of their way to comment on a Windows security-related story about how they don't need anti-virus protection. Yet he claims he gets a "flood" "every time".Read the article people, his claim is this "Every time I write about Windows security software, I get a predictable flood of responses from Linux advocates who claim that they dont need any such protection. Today comes a shining example of why theyre wrong."
I don't buy it. I doubt he's gotten any responses from Linux users who go out of their way to comment on a Windows security-related story about how they don't need anti-virus protection. Yet he claims he gets a "flood" "every time".
I just don't buy it.
I don't buy it. I doubt he's gotten any responses from Linux users who go out of their way to comment on a Windows security-related story about how they don't need anti-virus protection. Yet he claims he gets a "flood" "every time".
I just don't buy it.
It doesn't matter if the trojan got onto the machine because of a flaw with linux or with the program. Either way a machine running Linux was infected. If you get a virus on windows due to a pdf file due to adobe having a flaw you still claim that Windows is a POS and gets viruses. This is exactly the same thing. Thus there is nothing wrong claiming that Linux was infected.
But yeah, this really isn't anything special. Most knowledgable people know that ALL OSs can be infected.
This.
I knew before I even stepped foot in this thread that it would be full of testy Linux fans making every possible excuse.
The point is that running Linux doesn't make you invincible. Calm down, nerds.
Either way a machine running Linux was infected.
Linux needs AV is his argument, and he's correct if you're going to execute software from somewhere other than the official repo.
Linux, Windows nor Mac can prevent a user from downloading a trojan and running it. This is not a hack or any representation against the OS's security and the package was not delivered by the distro or community.
So in essence Linux users hould stop talking shit because MS doesn't push Trojans and virii on users through Microsoft update. Users download and get them through ignorance.
Anyone read the update to the article on the 14th? Same link. This thing was found in an official Gentoo distro. Gentoo has since, however, released a patch for it.
Anyone read the update to the article on the 14th? Same link. This thing was found in an official Gentoo distro. Gentoo has since, however, released a patch for it.
But nobody would use Gentoo so it doesn't matter.
The fanboys are going to come up with some excuse about how this isn't a real threat and means nothing claiming that linux is still 100% secure, has no security holes and cant' get a single virus or piece of unwanted software in any way, shape or form.
the only thing that makes a OS "unsecure" is its popularity.
But nobody would use Gentoo so it doesn't matter.
The fanboys are going to come up with some excuse about how this isn't a real threat and means nothing claiming that linux is still 100% secure, has no security holes and cant' get a single virus or piece of unwanted software in any way, shape or form.
why is it an excuse? IF a user doesn't set a passwd for admin is that hte OS's fault when someone then just walks into it?
As far as the OS is concerned this is a valid system call so harsh as it is that the upstream source (which would have effected windows as well if ppl compiled it from source and not just used the binaries...) it is still a user issue and the program issue.
What about the spat of A/V software that has screwed over windows because it decided key dll's were a threat. Was this the fault of the OS or the program or the user? THIS was the fault of the programmers and in essence such cases are comparable.
and from teh gentoo P.O.V. unrealircd is run as user "nobody" which doesn't have a shell, doesn't have a home... so by default the compromise wouldn't have gotten far. IF a user ran it as himself or root ... well...
A virus was coded for linux and managed to get out into the public.
Y A virus was coded for linux and managed to get out into the public. .
No it didn't. A trojan got out, not a virus. It didn't self replicate, it didn't infect a target, it didn't exploit any security holes, etc...
This in no way indicates that Linux is unsecure, just that people are idiots. Which everybody already knew.