Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] KSpynix ::: the Unix version of KSpyware? (Proof Of Concept)
From: bkfsec (bkfsecsdf.lonestar.org)
Date: Wed May 11 2005 - 16:08:20 CDT
James Tucker wrote:
>>Well, yeah, but I still wouldn't be throwing away GNU/Linux just yet on
>>that front. I would argue that it's still entirely possible to build a
>>GNU/Linux system that is more secure than a MS Windows system,
>>relatively speaking. (Note: I am not saying that GNU/Linux doesn't have
>>its share of security issues and I am not saying that one can't create a
>>well-secured Windows server.)
>I can understand that this is drifting off track, but as part of the
>community, how can you relaibly justify this? I don't mean to be
>facetious, but I have never seen any such justification in existence,
>furthermore if other aspects are considered such as average required
>development time to a 'secure' system the argument can be easily
>swung. Such a comment may have been more acceptable if one were to
>use openbsd as an example, arguably. Again there are aspects which
>must be considered, but if we are refering to the operating system
>alone then should we consider the default install, the number of
>discrete settings which must be changed? the length of a script which
>performs these actions automatically? such judgements are hardly
>quantifiable - due to scalar issues.
>Remember, if the choice was clear, someone would have 'won' already.
I know it because I've done it before. Having access to the code means
that you can change things you don't like and also that you can
construct them from the ground up to meet your needs. Dependancies can
be removed. Packages and services can never be installed if you don't
Obviously, if you're going to create a system that is very difficult to
get into, it's going to take some time. However, having access to the
code and the will to modify the system you can do some very good things.
Just by that fact one can construct a more secure system with a Free
Software OS than any other proprietary system.
Keep in mind, I'm not talking about getting Red Hat and turning off all
of the services. I'm referring to building a custom system from source
packages - although, you can, if you want, reverse any GNU/Linux
distribution in the same way, if you so chose, but sometimes it's better
to start from the ground up.
I don't need statistics to tell me that it can be done.
Incidentally, the very acts that I'm referring to are the ones that put
OpenBSD into existance. And, if it makes you feel better, I'd include
OpenBSD in the statement.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/