Re: [SLUG] Sony rootkit

From: James Haydon (jhaydon@stewartsigns.com)
Date: Wed Nov 16 2005 - 16:32:23 EST


On Wednesday 16 November 2005 13:21, steve szmidt wrote:
> On Wednesday 16 November 2005 12:53, Eben King wrote:
> > On Wed, 16 Nov 2005, steve szmidt wrote:
> > > On Wednesday 16 November 2005 09:12, SOTL wrote:
> > > > Recall that US military tanks, ships, plains all are using MS Windows
> > > > as the operating system for some functions.
> > >
> > > Over and beyond what Mike correctly points out, though it's poor
> > > security enough, they don't all run windows. In fact they are very
> > > poorly standardized.
> >
> > That's a good thing -- a monoculture is bad.
>
> For security yes.
>
> > > As Mike points out it is only a problem on that one computer where
> > > someone entered the root password and let the rootkit in. It does not
> > > now spread to all other boxes (unless you have windows then anything is
> > > possible). That does not occur under unices.
> >
> > See the Morris worm. It exploited a bug in fingerd, IIRC.
>
> And as the first worm has been one of the few under unices.

There is an ieee article on how the morris worm was reverse engineered out
there from '88. If you want a good read.

-- 
James S. Haydon
Systems Analyst
The J.M. Stewart Corporation
stewartsigns.com
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:11:05 EDT