Operating Systems > Linux and UNIX
Why do you prefer *nix?
gump420:
My reasons:
*NIX has better multitasking than WinNT (including 2K and XP)
*NIX has better security
*NIX is better at allocation of memory
*NIX doesn't crash as much
*NIX variants can be obtained for free, as opposed to the draconian costs associated with WinNT
*NIX can be scaled down for specific tasks - with NT you have to take the whole salami, whether you want/need it or not
*NIX runs on more platforms
etc, etc . . .
Foney:
Yes I have win 2k and yes I have linux. And I am always racing with bugtraq to keep my linux box secure. And any teen can hack win2k? how about any teen can hack linux with a cpp book and piss in the code. And what about when a box is owned on linux? say bye bye to your logs. As with 2k logs can be locked even when a machine is completely owned remotely.
voidmain:
quote:Originally posted by Foney:
Yes I have win 2k and yes I have linux. And I am always racing with bugtraq to keep my linux box secure. And any teen can hack win2k? how about any teen can hack linux with a cpp book and piss in the code. And what about when a box is owned on linux? say bye bye to your logs. As with 2k logs can be locked even when a machine is completely owned remotely.
--- End quote ---
Hmmm, that must by why Gartner (usually nazi toward MS and well respected by MS nazi mid/upper level management) has this recommendation:
http://www3.gartner.com/DisplayDocument?doc_cd=101034
And this next one has been a fundamental flaw for years. I see they finally have a patch, which involves installing IE6 and a patch of course. For the long period of time before this patch Microsoft refused to recognize it as a bug (that's what they do when caught with their pants down wondering how to fix a big one). So this is an example of them not getting off their duffs and getting a problem fixed in a timely fashion. In the open source world, this would have been licked in no time:
http://www.ntbugtraq.org/bid/3578
And the logs in NT/2k are absolute dribble. Let's see, I have 3 choices... System, Application, or Security. And that security log is a real winner.
And because I can do something in UNIX that I can't do in Win* called remote logging, someone owning a box can't get to the logs let alone all the other ways I can manipulate the logging facility. And with remote logging and a log parser sniffing for security events my log machine will page me (using utilities included with the OS). They've got no chance at getting too far.
[ December 19, 2001: Message edited by: VoidMain ]
voidmain:
And my favorite stupid WinNT/Win2k trick. Any normal user can become administrator without knowing the administrator password, assuming they can log on to the machine locally as a normal user, works great in a corporate desktop environment:
[list=A][*]copy %WINDIR%\SYSTEM32\LOGON.SCR to %WINDIR%\SYSTEM32\LOGON.ORG[*]copy %WINDIR%\SYSTEM32\CMD.EXE to %WINDIR%\SYSTEM32\LOGON.SCR[*]logoff, in 15 minutes (900 secs) you will see a DOS window appear[*]you can now create a new user with Windows NT administrator priviledges or change the Administrator password with utilities such as USRMGR.EXE, MUSRMGR.EXE or ADDUSERS.EXE (if you don't have them installed, copy them from CD/ResKit, or have someone email you their copy)[*]after you are done, you can type exit in the DOS window[*]copy %WINDIR%\SYSTEM32\LOGON.ORG to %WINDIR%\SYSTEM32\LOGON.SCR
[/list]
Note: The above assumes the system you are trying to own is using the "default" logon screen saver. If it uses something else just replace "logon.scr" in the instructions above with whatever *.scr file is currently being used for the logon screen saver.
This is great corporate fun. And it's a handy way for administrators to recover from a forgotten administrator password. What security! Might as well save the bucks and stick with your lame Win9x for the desktops.
Side note for NT admins. This really can come in handy to recover a lost password so you don't have to reinstall the OS and lose all your SAM info. And if you can't copy the file as a normal user, yank the drive out and stick it in as a second drive in another running system, copy the CMD.EXE to the <SECONDDRIVE>:\WINNT\SYSTEM32\LOGON.SCR, then put the drive back in the original machine and wait for the CMD prompt to appear and do yer magic.
But don't mark me for "+" on the MS side. It's a "-" as it's a big security hole.
And yes if you have local access to a machine whether Win* or Linux you can own it, assuming it has a floppy and/or a cdrom (boot from floppy/cdrom, mount the root filesystem, have your way). If the system is physically chained to the desk and doesn't have a floppy/cdrom, you're only going to own the Win* box. To be able to bypass the security so blatantly on a running system is just laughable.
[ December 19, 2001: Message edited by: VoidMain ]
mr6re9:
I think I'm going to enjoy this forum
There is a good mix of knowelege, skepticism and ignorance.
The ignorance is the part I'm enjoying right now.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version