[H-GEN] Debian v Mandrake
Robert Kearey
mammal at optushome.com.au
Thu Mar 21 00:14:27 EST 2002
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Please observe the list's charter. ]
[ Worthwhile understanding: http://www.humbug.org.au/netiquette.html ]
Anthony Towns wrote:
>> Sure, but its still a problem with the application, not the OS.
>> Flaws that are specific to an OS are rare
> Yeah, but _attacks_ that are specific to an OS aren't, and attacks are
> what you can log, and what Greg was claiming to be logging. Which seems
> pretty fair. (Although identifying the OS that's being targetted is
> probably a fair chunk harder than identifying the app.
That'd be the job of an IDS like Snort - Greg didn't mention what he was
running to be able to finger individual attacks.
I'm not sure about the need to exploit an individual kernel ABI, either
- so long as the exploit get uid 0, it can run whatever shellcode it
wants. And exec('/bin/sh') can hardly be said to have a diverse range of
implentations.
BTW, if anybody here know someone who is complicit in the current spate
of oz.org DoS attacks, please kill them where they stand, right now.
It's for the greater good. R3sp3k must be earned by creating, not
destroying.
> aj
--
Rob K - Ich mag Chips mit brauner Soße
http://members.optushome.com.au/mammal
Please abbreviate 'bandwidth' as 'bndwth'
thereby conserving precious bndwth.
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.
More information about the General
mailing list