Next message: John Chang: "[WinMac] DHCP"
Dan Schwartz wrote:
>
> One of the nastiest things in slowaris & linux is SunRPC - That was the
> hole exploited by the widely publicized "Barbed Wire" DDOS attacks in
> February, when eBay, ZDNet, eTrade, and other high profile Web sites were
> whacked by "zombies" planted on (mostly) linux boxes...
>
> Does OS-X have RPC (Remote Procedure Call) capability?
>
Since it is Unix-based, I'll assume it does. However, simply because one
version of RPC is vulnerable does not mean that all Unix RPC's are.
We used to have a sign above our rack o' servers : "You are in a maze of
twisty little Unixes, each slightly different" ;-)
That version of SunRPC was vulnerable to a buffer overflow exploit,
IIRC. Many Linux programs have vulnerabilities that the identical BSD
utilities do not, because they use different libraries or were written
differently.
Finally, almost all of these widely noted hacks used exploits that have
been publicized, patched and plugged. A recent (ISTR) CERT survey showed
that the ten most widely utilized security holes have all been widely
noted and fixed; that systems are still being hit with these are due to
the sysadmins of the systems not keeping things updated. They are still
getting exploit reports on the IMAP hole that was patched three versions
and four years ago!
It's analogous to running NT and never applying any Service Packs.
--
Bruce Johnson
University of Arizona
College of Pharmacy
Information Technology Group
*** Windows-MacintoshOS Cooperation List ***
FAQ: http://www.darryl.com/winmacfaq/
Archive: http://www.darryl.com/winmac/
To unsubscribe, send mail to winmac-request@lists.best.com
with just the word "unsubscribe" in the body of the message.
This archive was generated by hypermail 2b29
: Fri Jul 07 2000 - 16:47:30 PDT