Linux servers hacked - who would have thought

[HeyBub]

The poster fromerly known as 'The poster formerly known as Nina DiBoy'
wrote:

Non-issue, has no bearing on this subject whether someone posting an
off topic post without even labeling it as an OT post is pro vista or
not.

Well, isn't your complaining about the post being off-topic itself
off-topic? It's off-topic squared.

In other words, isn't a complaint about something being off-topic an example
of hypocrisy?

 

[norm]

Not to me it isn't. Their machines were attacking others. That, is
a security problem, by every definition of the word.

If someone else other than them is expected to do something
about it, then what's the point? They manned up and said that
they didn't apply the patches. That's their fault. MS makes it
easy. Microsoft update. Every day. Not so stupid now.

Let's not forget that there are two different entities being discussed.
There is the ubuntu server edition and unbuntu "for the masses". If we
are to compare, lets compare server edition to server edition. It is as
much an injustice to compare ubuntu server against vista home editions
as it would be to compare windows server editions against ubuntu "for
the masses". It doesn't negate what happened, but it does make the
"playing field" a bit more level.

 

[norm]

Because this is a PUBLIC group read all over the world and some people
may fall for the zealotry mantra of the ignorant.

And that same zealotry mantra of the ignorant can be seen from the
windows side too.

 

[norm]

And that would follow the ignorant masses problem that all OS's suffer.
which is the point of my post. You have Zealots stating the XYZ is safer
and that it can't be hacked and then when they are disproven, for the
same reasons that many Windows boxes are hacked, they get disgruntled.

Maybe the correct comparison should be ubuntu server to windows server
rather than ubuntu server to the windows "for the masses".

 

[The poster formerly known as the poster formerly k]

Because you are a zealot complaining for other zealots to jump in and
defend your BS position. Alias made a point of always being negative and
suggesting that Ubuntu was the savior of the world, which any non-Zealot
that uses linux would know is a lie. The MVP's don't make a effort to
distrup the groups like others do.

But that does not address the fact that an MVP was doing exactly what he
was regularly criticizing another poster for. That's being a hypocrite.
You obviously have issues staying on topic, don't you?

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Only religious fanatics and totalitarian states equate morality with
legality."
- Linus Torvalds

 

[The poster formerly known as the poster formerly k]

How about you clean up your act before you start complaining about
others. You added the windowsxp.general group to this thread without
notice, for no good reason, to stir up more crap.

This coming for you who isn't staying on topic. Yet you choose to
respond anyway, even though you have nothing of value to add. LOL!

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Only religious fanatics and totalitarian states equate morality with
legality."
- Linus Torvalds

 

[The poster formerly known as the poster formerly k]

The poster fromerly known as 'The poster formerly known as Nina DiBoy'
wrote:

Well, isn't your complaining about the post being off-topic itself
off-topic? It's off-topic squared.

In other words, isn't a complaint about something being off-topic an example
of hypocrisy?

And what does this post of yours complaining about my 'OT' post
accomplish? The same thing, but cubed.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

"Only religious fanatics and totalitarian states equate morality with
legality."
- Linus Torvalds

 

[Leythos]

And that same zealotry mantra of the ignorant can be seen from the
windows side too.

Yep, it's not something that is unique to ANY OS. I use to know a couple
network admins that logged in as a root level account on AIX for their
daily work - they said it made thing simpler


--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(e-mail address removed) (remove 999 for proper email address)

 

[Frank]

And what does this post of yours complaining about my 'OT' post
accomplish? The same thing, but cubed.

I bet we're now gonna have a math quiz, right?
Damn!
Frank

 

[Adam Albright]

I bet we're now gonna have a math quiz, right?

You wouldn't get very far in any math quiz since you can't get past 20
even with you barefoot. Just face facts Frankie, you're an idiot and
everybody knows it.

 

[Jerry White]

hahaha...try harder you moron!
Frank

Nice proof... or lack there of...

 

[Clenna Lumina]

BS!
I've yet to see any Dell, HP or Toshiba OEM's with Administrator (Computer
Management/Local Users and Groups/Users/Administrator) enabled.

Actually many of them do. They are either in administrator or something
close to administrator that's high enough not to require you to enter the
administrator password when you get those prompts (like when installing
applications.) Either way it's high enough to do plenty of damage should you
let your kids or visiting cousin, etc, use your comp (and IE7) for a little
while.

It's more common than either you think or like to admit.

 

[Clenna Lumina]

Yep, it's not something that is unique to ANY OS. I use to know a couple
network admins that logged in as a root level account on AIX for their
daily work - they said it made thing simpler

It really depends on the person, but in general over the years I found
Windows users for the most part to be less knowledgeable of how thier
computer works than a typical Linux or Unix user.

As for running as root, I'd never recommend doing it on a live system, but
on my personal Linux system I've been doing it for years. I do not let most
processes/services run as root, and in general run programs as normal users.
It just depends on what you do with the system, what your usage habits are
like, and how you set things up, and also is it your personal system + do
you know what you are doing. The latter tends not always apply to the joe
"home edition" Windows user.

 

[Clenna Lumina]

And that would follow the ignorant masses problem that all OS's suffer.
which is the point of my post. You have Zealots stating the XYZ is safer
and that it can't be hacked and then when they are disproven, for the
same reasons that many Windows boxes are hacked, they get disgruntled.

The article at the head of this post does NOT say a Linux system was hacked,
it said someone got in via brute force - trying password after password
until one works. It said the perp was trying for a long time, something that
should of never been allowed if someoen was watching things. That was a
failure on the admin's part, NOT the system. This is something that happens
infinately more on Windows boxes (though it's nto limited to them) and you
know it.

It's amazing how people like you just jump on the band wagon and show that
you haven't even read the article.

If you think Linux has been actually "cracked" then site an instance. Anyone
can site and try over and over, or evne run an pllication that permutates
over every combination, and/or runs through a dictionary file. I hardly call
that "cracking"... most would call that a admin asleep at the helm.

 

[Jerry White]

Alias made a point of always being negative and suggesting that
Ubuntu was the savior of the world

I dare you to site a single example of when he actually said that. And you
still miss the point that the Linux systems in question in that article were
NOT hacked, so get over it.

 

[Wayne Poe]

Not to me it isn't. Their machines were attacking others. That, is
a security problem, by every definition of the word.

Which could of been prevented if they weren't asleep at their posts.

If someone else other than them is expected to do something
about it, then what's the point? They manned up and said that
they didn't apply the patches. That's their fault.

Patches or not, they neglected their duty as sysadmins.

MS makes it easy. Microsoft update. Every day. Not so stupid now.

Which can force you to reboot if you're running as a non admin user on
Vista.

Linux is good. Don't get me wrong. But it is fallible too.

I've bene using various distros and versions of Linux, for both
home/personal usage and as an admin of live servers, and I really haven't
found much fallible about it. The core is rock solid. What's fallible is
running out dated software with known security holes. A good sysadmin would
stay on top of that, and at the very least watch the logs, keep an eye on
who is and has bene connecting and such.

Anyone who reads cert.org can tell you that. Luckily, most
people who know how to do bad things don't do them to
linux as frequently as they do them to us. Doesn't mean it
can't be done. It can.

It can, but it's not so much Linux but either bad software or improperly
configured software. Again, that is a sizable difference when you compare to
all the security flaws at Window's core, which includes IE (ever since they
integrated it into Explorer back in Win 98.) Just look at how many exploits
are found at the _core_ and sometimes patches are then released to try to
fix them and sometimes new one arises. Problems at the core problems are
generally not an issue in Linux, but rather the different softwares that run
with in.

Bottom line, security patches help, doing your job as a system's
administrator is even better. There just sin't any substitute for that imho.

 

[Lang Murphy]

I guess it depends if the admins actually do their job as maintainers. If
they don't, it's no one's fault but their own.

There you go...

For live servers, yes I do. Any properly maintained live server (like
those in data centers used by hosting companies) should fall prey to such
attacks if the admins do their jobs. If they do then someone wasn't taking
care of things.

Are there other types of servers other than "live" servers? Anyway, that's
my whole point... ya think every server out there is properly maintained? I
don't have any metrics one way or the other, but I'd hazard a guess, that,
no, not all servers are properly maintained. S'no big deal...

Lang

 

[Frank]

Nice proof... or lack there of...

Gave up already huh?
Frank

 

[Frank]

Actually many of them do. They are either in administrator or something
close to administrator that's high enough not to require you to enter the
administrator password when you get those prompts (like when installing
applications.) Either way it's high enough to do plenty of damage should you
let your kids or visiting cousin, etc, use your comp (and IE7) for a little
while.

It's more common than either you think or like to admit.

Sorry pal, but that's not root or super administrator and that's what
I'm talking about.
Frank

 

[Frank]

I dare you to site a single example of when he actually said that.

You must be either a newbie or brain dead or just a simple jackass.
We all know what he did as we had to live (suffer) thru it all.
Google him, if you know how.
Otherwise STFU!!!
Frank