Re[5]: 02.04.2008-16:53:33 :: Something smarter than us is going to emerge


node:	Re[5]: 02.04.2008-16:53:33
template:	4
parent:	Re[4]: 02.04.2008-16:53:33
owner:	forcer
viewed by:
created:	06.04.2008 - 20:23:39

cwbe coordinatez:
101
63540
63542
2109677
1857521
3850568
3850917
3858476
3860023
3863179
3863248

ABSOLUT
KYBERIA

permissions
you:	r,
system:	public
net:	yes

aky ma zmysel pisat virus na server? nie je tam user ktory na to 2x klikne s dementnym vyrazom "co to jeeeeee?"

000001010006354000063542021096770185752103850568038509170385847603860023038631790386324803863449

jaky ma voubec zmysel pisat virus okrem toho ze nasrat uzivatela a mastenia si ega :) ale niektore windowz virusi boli len preto mozne lebo kazdy uzivatel pracuj ako uzivatel s admin pravami a toto moc pod mac os X alebo unixom ako takim ide aj bez toho aby si bol root, teda normalna praca ;)

00000101000635400006354202109677018575210385056803850917038584760386002303863179038632480386344903864136

virusy sa uz davno nepisu koli egu. a kto povedal ze potrebujs admin prava aby si robil zle?:)

0000010100063540000635420210967701857521038505680385091703858476038600230386317903863248038634490386413603864441

hm okej ale pod unixom tomu hovorim rootkits a nie virusi, nevedel som ze to nerozdelujes :)

000001010006354000063542021096770185752103850568038509170385847603860023038631790386324803863449038641360386444103865428

rootkity maju jasnu definiciu..
A rootkit is a program (or combination of several programs) designed to take fundamental control (in Unix terms "root" access, in Windows terms "Administrator" access) of a computer system, without authorization by the system's owners and legitimate managers. ... but in recent years have been largely malware to help intruders gain access to systems while avoiding detection. (wikipedia)
ja hovorim o tom, ze aj s user-pravami mozes narobit dost zle, bez toho aby si toho roota musel mat.
staci ti, ak pustis nejaky evil kod na pozadi, ktory bude dajme tomu pocuvat na nejakom vysokom porte, alebo sa pripoji na nejaku ipcku z ktorej bude prijimat prikazy. nemusis mat cely system na to aby si ho mohol zneuzit. takto mozes v pohode kurit plny vykon zo stroja len pre seba, alebo vyuzivat konektivitu na rozosielanie spamu, robenie DDoS utokov...

00000101000635400006354202109677018575210385056803850917038584760386002303863179038632480386344903864136038644410386542803865778

naopak dolezita vec pri definovani virusu je fakt, ze sa vie replikovat, co na linuxe/OSX je vcelku problem

v DOSe/windowse ma user pravo zapisovat takmer vsade, kedze je bud admin, alebo power user (hovorim o SOHO desktopoch). naopak v linuxe pod beznym userom zvacsa nemas sancu menit systemove nastavenia, libky a pod.

podla mna jeden z dolezitych faktorov mensieho sirenia virusov na linuxe je aj to, ze sa tam pouziva radovo menej executable warezu.

0000010100063540000635420210967701857521038505680385091703858476038600230386317903863248038634490386413603864441038654280386577803866242

pokym ide o binarky programov, tie samozrejme infikovat nevie, ale naco aj, ked sa vie poslat dalej cez mail.. uz davno som nevidel virus co by ti zacal prepisovat systemove subory, to sa uz nejak nenosi :) vacsinou je to teraz malware, ktory sa siri cez mail/IM. a citat contact list v mailovom programe(thunderbird/evolution/whatever) tiez nie je problem..

000001010006354000063542021096770185752103850568038509170385847603860023038631790386324803863449038641360386444103865428038657780386624203866387

prepisovanie systemovych suborov na windowse je stale bezna praktika
ale suhlasim, ze sirenie cez mail/IM je dneska podstatne beznejsie.

social engineering rulez, ked uz spolocnosti ako-tak popatchovali operacne systemy, diery su stale medzi klavesnicou a stolickou :)