[ubuntu-my] Gempar dari Awal Mart!!

Chow Loong Jin hyperair at gmail.com
Thu Jun 25 11:07:38 BST 2009


On Thursday 25,June,2009 04:15 PM, zarul shahrin wrote:
> 
>     Yes and no. The thing about Windows is that it can be infected without
>     you even touching a single web page. Just connect to the Internet
>     without a firewall, and leave it connected for some minutes without
>     doing anything. The Sasser worm hit me that way once. 
> 
>  
>   Sasser spread by exploiting unpatched systems that are vulnerable to
> the LSASS security hole. If you study the case, most of the infected
> machines were not patched even though the patch had been available weeks
> earlier.  Nobody can save you if you're not willing to patch your
> machine. Just like in the case of Conficker, the most vulnerable users
> were users who didn't patch their systems. The hits were worst in certain
> countries where many of the users were using pirated versions of Windows
> and thus were not able to get Windows Update working. Talking about
> "being remotely exploited" compared to Linux OS, I guess Windows has far
> fewer remotely exploitable vulnerabilities. Please google for the
> statistics; if you have been into Linux long enough, you should know how
> pretty much every webserver running Apache running OpenSSL was being
> rooted a couple of years back and many machines were still
> vulnerable even after 1 year.
Sasser hit me on a freshly installed machine, just as I was downloading
Windows Updates. So yes, you are right that it exploits unpatched
machines, but you are wrong about it affecting only those who are not
willing to install software patches for their systems.

>     Then there are
>     some which can infect you via some vulnerabilities in Internet Explorer.
>   Weird, because we are seeing malware exploiting web browsers like
> Firefox and Safari all the time in the lab :-P
Haven't seen any so far ;-) But either way, I'd imagine that an
exploitation of a vulnerability in Internet Explorer could go much further
than one in Firefox or Safari, due to how integrated it is with the
system.

>     Such vulnerabilities are generally not present in *nix OSes.
>   This is a common argument for people who don't work in the security
> industry.. 
Sure it is. And your argument is a pretty common argument too, for many
who don't use a *nix. But it does hold some truth, though. Chances are,
however, that *nix users are more educated, since it does have a
slightly geekier outlook than Windows does.

This is a good read, by the way:
http://librenix.com/?inode=21

-- 
Regards,
Chow Loong Jin
