sudo Install My Rootkit


Searching_ _ _
March 28th, 2009, 06:21 PM
-{ Quote: "Sudo isn’t magic; it’s a program. To find out where that program lives, you can use the which command.

I’m going to update $PATH to include my own secret directory at the beginning. This directory will have an evil shell script that I wrote called sudo in it. Since this directory comes first in $PATH, when the user tries to run sudo, it will actually run my evil sudo rather than the real sudo. My evil sudo will then run the real sudo on the real command, and when it’s done it will do my evil bidding which in this case is installing a simple rootkit that I wrote. Since this is all scripted, it will also clean up after itself. I’ll put this in a tarball that can be quickly downloaded, extracted, and set up." }-
Bandit Defense (http://blog.banditdefense.com/2009/02/06/sudo-install-my-rootkit/)

Lesson: Don't let anyone have access to your box, because they can pwn it in 10 seconds.

Arup
March 28th, 2009, 10:21 PM
What's the point of this? Which Linux user would knowingly untar a tarball from a dubious source and let it execute? For pwning a Linux box, that person needs to know the password; only a rank fool will give a third person access to a regular account. That's what the guest account is for.

Searching_ _ _
March 29th, 2009, 12:00 AM
If you walked away from your machine after you installed something with your password scenario.
-{ Quote: "A nice thing about sudo is that when you run it, it remembers you as an authenticated sudoer for a couple minutes so you don’t have to keep entering your password over and over if you want to run several commands in a row as root. You just need to enter it once, and then commands that come shortly afterwards will automatically assume that they’re allowed." }-
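The two quoted excerpts describe a lookup-order trick ($PATH searched front to back, so a user-owned directory listed first wins) and sudo's cached authentication. As an added example, written for this thread and not code from the Bandit Defense post or from anyone posting here, the POSIX shell script below checks the precondition from the defender's side: it flags PATH entries that precede the system directories, are writable by the current user, are relative, or are empty, and reports which directory `sudo` would actually be loaded from. The SYSTEM_DIRS list is an assumption about a stock Debian/Ubuntu layout; adjust it for your distribution.

```shell
#!/bin/sh
# Added example for this thread, not code from the Bandit Defense post.
# Audits a PATH value for the precondition the quoted post relies on: a
# directory the user controls sitting ahead of the system directories
# that hold the real sudo. POSIX sh only; sudo itself is never invoked.

# Directories a stock Debian/Ubuntu install keeps its binaries in
# (assumption; adjust for your distribution).
SYSTEM_DIRS="/usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin"

# Walk PATH ($1) exactly as the shell does and print the first directory
# holding an executable regular file named $2. Returns 1 if none.
# An empty PATH entry means "current directory", so it is treated as ".".
resolve_in_path() {
    rip_rest="$1:"
    while [ -n "$rip_rest" ]; do
        rip_dir="${rip_rest%%:*}"
        rip_rest="${rip_rest#*:}"
        if [ -z "$rip_dir" ]; then rip_dir="."; fi
        if [ -f "$rip_dir/$2" ] && [ -x "$rip_dir/$2" ]; then
            printf '%s\n' "$rip_dir"
            return 0
        fi
    done
    return 1
}

# Print one finding per line for PATH ($1), given the trusted system
# directories ($2, space separated). Prints nothing when PATH is clean.
#   EMPTY    - empty entry, i.e. the current directory
#   RELATIVE - entry that is not an absolute path
#   PRECEDES - untrusted entry listed before any trusted directory,
#              which is where a look-alike sudo would win the lookup
#   WRITABLE - untrusted directory the current user can write to
audit_path() {
    ap_seen_trusted=0
    ap_rest="$1:"
    while [ -n "$ap_rest" ]; do
        ap_dir="${ap_rest%%:*}"
        ap_rest="${ap_rest#*:}"
        if [ -z "$ap_dir" ]; then
            printf 'EMPTY (current directory)\n'
            continue
        fi
        case "$ap_dir" in
            /*) ;;
            *)  printf 'RELATIVE %s\n' "$ap_dir" ;;
        esac
        ap_trusted=0
        for ap_t in $2; do
            if [ "$ap_dir" = "$ap_t" ]; then ap_trusted=1; fi
        done
        if [ "$ap_trusted" -eq 1 ]; then
            ap_seen_trusted=1
            continue
        fi
        if [ "$ap_seen_trusted" -eq 0 ]; then
            printf 'PRECEDES %s\n' "$ap_dir"
        fi
        if [ -d "$ap_dir" ] && [ -w "$ap_dir" ]; then
            printf 'WRITABLE %s\n' "$ap_dir"
        fi
    done
    return 0
}

# Stand-alone run: audit the caller's own PATH and show where `sudo`
# would actually be loaded from.
printf 'PATH=%s\n' "$PATH"
audit_path "$PATH" "$SYSTEM_DIRS"
if sudo_dir=$(resolve_in_path "$PATH" sudo); then
    printf 'sudo resolves to: %s/sudo\n' "$sudo_dir"
else
    printf 'sudo: not found in PATH\n'
fi
```

Two things worth knowing when reading the output. sudo's own `secure_path` setting in sudoers only resets PATH for the command that sudo runs; it has no say over which `sudo` the calling shell finds first, so this check has to run in the user's shell. For the credential-cache half of the quote, `sudo -k` drops the cached authentication immediately, and `Defaults timestamp_timeout=0` in sudoers makes every invocation prompt for the password, which is the setting to reach for on a machine other people can sit down at.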

lewmur
March 29th, 2009, 02:16 AM
-{ Quote: "If you walked away from your machine after you installed something with your password scenario." }-
If I were in a place where I was worried about someone tampering with my computer, there is no way I'd walk away from it without at least locking the screen. Takes two mouse clicks.

Mrkvonic
March 29th, 2009, 04:25 AM
Please relax ... no machine anywhere in the world can survive local access misuse. Like I said, you may as well blowtorch the hard disk. I know you love rootkits and whatnot, but as easy as it is to avoid all that on Windows, it's 10 times easier avoiding it on Linux. Just ... don't ... execute ... crap.
Mrk

Searching_ _ _
March 29th, 2009, 12:28 PM
I was told to learn about OS security I needed to learn how to exploit an OS.
By learning how it's exploited I can then know what steps to take to secure it.

I'm trying to discover for myself the security differences, Linux vs. Windows, instead of taking the word of everybody and their mother.
So far, it seems extra steps are needed in Linux for the same exploit vectors as on Windows.

Still,

Searching_ _ _

BTW History Channel is running back to back episodes of Monster Quest. Yeah buddy!

lewmur
March 29th, 2009, 01:13 PM
-{ Quote: "I was told to learn about OS security I needed to learn how to exploit an OS.
By learning how it's exploited I can then know what steps to take to secure it.

I'm trying to discover for myself the security differences, Linux vs. Windows, instead of taking the word of everybody and their mother.
So far, it seems extra steps are needed in Linux for the same exploit vectors as on Windows.

Still,

Searching_ _ _

BTW History Channel is running back to back episodes of Monster Quest. Yeah buddy!" }-
Experts have been "discovering" the differences for some time now, but I'm sure there are contributions you can make to the knowledge base.

Just remember that "a little knowledge can be a dangerous thing." And unless an in depth analysis accompanies the posting of "security vulnerabilities," including what has already been done to cure them, then they can legitimately be construed as spreading FUD. (F)ear, (U)ncertainty and (D)oubt.

IMO, trying to convince others that Linux is just as vulnerable to malware as Windows serves no legitimate purpose. (Unless you own MS stock.)

tlu
March 29th, 2009, 01:53 PM
-{ Quote: "I was told to learn about OS security I needed to learn how to exploit an OS.
By learning how it's exploited I can then know what steps to take to secure it." }-

Oh, come on! That any OS is vulnerable if somebody else has local access to it is a matter of course and not worth being discussed at all.

-{ Quote: "Still,

Searching_ _ _" }-
Good - but you should be "searching" for something substantial.

Searching_ _ _
March 29th, 2009, 08:59 PM
If I learn anything substantial I'll be sure to post it.

@lewmur
Your words are important.

Thanks,

You guys ever try Coreboot.

crofttk
March 29th, 2009, 09:09 PM
-{ Quote: "...FUD. (F)ear, (U)ncertainty and (D)oubt..." }-
Thanks! Now I can scratch that off of my AATIDK list!

(Annoying Acronyms That I Don't Know) :argh:
But seriously, I have been wondering for some time now.

Pedro
March 29th, 2009, 09:18 PM
-{ Quote: "(Annoying Acronyms That I Don't Know) :argh:
But seriously, I have been wondering for some time now." }-
If you have a Debian machine, install bsdgames.
Then you just
-{ Quote: "username@debian:~$ wtf is fud
FUD: fear, uncertainty and doubt" }-
And you can always ask wtf is wtf ;D

crofttk
March 29th, 2009, 09:50 PM
-{ Quote: "...And you can always ask wtf is wtf ;D" }-
Why? wtf is the challenge in that? ;D

Arup
March 29th, 2009, 10:40 PM
-{ Quote: "I was told to learn about OS security I needed to learn how to exploit an OS.
By learning how it's exploited I can then know what steps to take to secure it.

I'm trying to discover for myself the security differences, Linux vs. Windows, instead of taking the word of everybody and their mother.
So far, it seems extra steps are needed in Linux for the same exploit vectors as on Windows.

Still,

Searching_ _ _

BTW History Channel is running back to back episodes of Monster Quest. Yeah buddy!" }-


Not one Linux machine I have set up in a public environment has been hacked, compared to the myriad Windows machines that get hacked on a daily basis. Not only that, in Windows we have to deal daily with the nonsense of HIPS, AV, DLL hooking etc., and therefore if even one update of these associated programs is missed, you are all in the open. So far all you are doing is posting alleged Linux exploits which have truly no bearing. Try and post remote exploits or stuff like DLL hooking and then we can see the vulnerability. Nothing you say or post will change the fact that Linux still remains the safest OS around, especially for home use and even for server use.

Please read this for a better insight: http://www.technewsworld.com/story/55722.html


Linux outperforms Windows XP and Windows Vista because its architecture is different. Linux derives its security in large part from its Unix design philosophy, also used as the basis for Mac OS X.

There are two distinct differences that account for Linux's better security reputation, according to Cherry. One, users do not habitually log in as administrator, which is often required to run Windows. Two, mail clients and desktop applications do not automatically execute attached code.

In addition, technologies such as SELinux and AppArmor and stack randomization have been developed for Linux that help to limit the impact of a security breach if it were to occur, he said.

Linux is also better than Windows at recovering from buffer overflows, which are a common attack vector.

"This is best handled at the interface level as a register exploit in Windows," Ken Steinberg, CEO of computer-security firm Savant Protection, told LinuxInsider.

Linux allows software developers to go into the system and fix buffer overruns, he added. However, one cannot do that with Windows.
Chink in the Armor

steve161
March 29th, 2009, 11:37 PM
powernowd: PowerNow Daemon v1.00, (c) 2003-2008 John Clemens
Go away, you are not root. Only root can run me.

Searching_ _ _
March 30th, 2009, 02:10 AM
@Arup

How do I secure root?

Mrkvonic
March 30th, 2009, 06:27 AM
There are a million ways:

Hardening, chroot, right permissions, no use of suid and guid, disable services, patching, shadow file, firewall, tcp wrappers, xinetd etc, it's not something you can cover in a thread or even 20 threads.

Mrk