Security (was Re: Working with the UKUUG and LUUG)
Paul Civati
paul at xciv.org
Sun Feb 20 00:45:23 GMT 2000
[ topic drift almost straight away.. ]
Steve Greenshaw <steve at softgreen.co.uk> wrote:
> labs. This individual happily waltzed into the Linux servers and installed a
> root kit etc., but when they tried the FreeBSD boxes oh dear ... they
> suddenly realised they couldn't do it quite so easily. They also realised
Purely because Linux being more popular means exploits and root kits are
more widely distributed. On an ftp site the other day, I found:
./sendmail-exploits/8.6/freebsdmail.c
./bsd-exploits/freebsd/FreeBSD-ppp.c
./bsd-exploits/freebsd/FreeBSDmail.txt
./bsd-exploits/FreeBSD-pine.asc
./bsd-exploits/freebsd
./bsd-exploits/freebsd/2.1/freebsdmail.c
./bsd-exploits/freebsd/freebsd-crontab.c
./bsd-exploits/freebsd/freebsd.htm
./bsd-exploits/freebsd/fbsdrootkit.tar.gz
./trojans/fbsdrootkit_tar.gz
./trojans/fbsd_rootkit_1_0_tar.gz
./trojans/fbsd_rootkit_1_2_tar.gz
./trojans/fbsd-2_2_5_rootkit.tgz
./trojans/fbsdrootkit.tar.gz
(please don't ask for the URL, as refusal often offends).
> the next day that the server had trapped the attempt and logged it. They
tripwire is your friend.
> realised this when they were 'visited' by security. I also know of one ISP
> that has just decided to dump Linux in favour of FreeBSD due to the security
> problems with Linux and the good reputation of FreeBSD's security.
Don't get me wrong, I love FreeBSD, it certainly is the best performing
server o/s of the BSD's IMO.
But, if you want security then I'm afraid you really can't beat OpenBSD,
simply because they have audited their sources *far* more than anyone else
has.
-Paul-
More information about the Ukfreebsd
mailing list