Hi
2008/5/19 Adam Bower adam@thebowery.co.uk:
On Sun, May 18, 2008 at 02:22:26PM +0100, Srdjan Todorovic wrote:
The think that gets me is that although Windows boxen are allegedly easier to break into, I feel they don't really offer much in terms of power after you break into them. A Unix-like system wil probably offer more power to a cracker. Anyone have experience of this?
How can that possibly make sense? A computer is a computer, Windows and Linux have basically the same feature set in that they can carry out computing tasks and talk to the internet.
As per my other email, I as thinking of other things like raw socket support, or something similar.
It will be more likely that a linux/unix box will have a C compiler installed than Windows having a C compiler. Yes, I am aware that some distros don't install copilers and devel tools, but lots of boxen might well have them.
You can install unix tools on Windows or even a virtualised install of linux in Windows userland.
You might have to pull lots of packages and deps, depending on what you want and have. Would malware writers bother?
Just because it might not be a reliable operating system is irrelevant in the context of botnets as if a few machines die/fall over/get reinstalled the horde is still out there. The whole power of Linux is
Yes, in the context of botnets.
the diversity it provides, as already pointed out the whole monoculture of Windows is precisely why it makes a nice target.
Won't the syscalls and the C lib follow set standards for the interfaces, like POSIX compliance etc? Sure libraries will be different versions, but you could possibly have several versions of the same malware for different versions of the libs. It's not like you'll need a specific version of Gnome (for eg.), or certain version of libpng.
Is there any actual or theoretical task that Linux can do that Windows can't do? I'm not talking about running a specific program or software availability for the platform as that could be solved by porting software etc. I mean an actual task or process that Linux can do that Windows can't do either now or in the future if someone coded it?
No, probably not.
Srdjan