On Sun, 18 May 2008, mbm wrote:
On Sun, 18 May 2008 14:22:26 +0100 (BST) Srdjan Todorovic todorovic.s@googlemail.com allegedly wrote:
The thing that gets me is that although Windows boxen are allegedly easier to break into, I feel they don't really offer much in terms of power after you break into them. A Unix-like system will probably offer more power to a cracker. Anyone have experience of this? What kind of tools does Windows malware install? And what tools does Linux malware install?
I'm sorry, but that depends entirely on what you mean by power. Do some research on botnets.
Yes, I know about botnets. What I was thinking of is such capabilities as raw sockets, though I think I read that WinXP does have raw socket support.
The really scary part about windows machines at the end of always on high bandwidth DSL connections is the damage they can do when harnessed in bots of tens of thousands in size. They have enough power to completely hose most ISP backbone connections let alone one or two hosts.
But sed 's/windows/Linux/g' and it's still as scary and valid.
And I only pick on windows machines because of their prevalence in the market. MS has done a good job of putting standardised (I use the word advisedly) easy to use systems into the hands of users who don't have to care how the systems work. Given this huge monoculture in relatively unskilled hands it is hardly surprising that infection is easy to spread.
Interesting you should say that. I saw Ubuntu CDs being placed as cover CDs for those magazines that are aimed at total computer newbies. These computer newbies are likely to be 'unskilled' and probably don't care how the system works.
Current incarnations of viruses and trojans are now used not by script kiddy types, but by serious organised crime groups interested in money. You want to take down Amazon? Hire a botnet. You want to extort money from a commercial website? Hire a botnet. You want to send 100 million spam emails? Hire a botnet.
Yes, that's extremely worrying. I suppose, with script kiddies, they just want a little bit of fun and fame, but will eventually realise they were doing something wrong. With organised crime groups, they are fully aware they are doing something wrong, and they want to carry on anyway.
And without wishing to get into any sterile argument about the prevalence or otherwise of linux (or MacOS) viruses or trojans, the main thing protecting us at the moment is that we are a minority.
But the minority will change to a majority at some point, especially if the trend to include easy to use Linux distros on computer beginners' magazines continues.
-Srdjan