In comp.os.linux.advocacy, Roy Schestowitz
<newsgroups@xxxxxxxxxxxxxxx>
wrote
on Fri, 11 Aug 2006 14:56:44 +0100
<6727505.ea3oDrN40N@xxxxxxxxxxxxxxx>:
> __/ [ mlw ] on Friday 11 August 2006 14:56 \__
>
>> Linux just runs. It stays running for a long time. You start
>> a machine and a year later you have to move it or something.
>> Then you have to remember what you did a year ago.
>
> I sometimes forget what the bootloader looks like. I sometimes
> what the login manager looks like. I rarely save work/messages
> as I go along because, quite frankly, rarely will anything go
> wrong. Filesystem integrity, viruses and firewalls can be
> treated as though they are terminology and concepts that are
> better off handled by whoever programmed that thing which you
> work on. It become a reality that you soon take for granted.
> Unlike, for example, those who take crashes, reboots, an
> occasional worm and filesystems fractures for granted.
> Linux is fun. But it can become boring.
And this is a problem precisely...why? :-)
I agree, although in my case I turn off my one machine
every night (seems the noise, which is akin to (but
fortunately not quite) a jet engine nearing takeoff speed,
annoys my downstairs neighbor :-) -- and this is before I
start playing Nexuiz on it; I can't really blame him) so
am familiar enough with my bootscreen and login. My other
machine, which is in a different room and a lot quieter,
just sits there and runs.
As some might say: it's a hardware problem.
I'm not too happy with ALSA's microphone capability and quake2
seems to have problems with ALSA, but otherwise Linux just does
its thing.
Defrag? What defrag? I run a small newsspool on this box
(leafnode), so am kinda interested on how badly the files
are positioned on the reiserfs volume. I've never bothered,
and I'm not sure reiserfs has a defrag tool anyway.
Uptime is getting close to "crazy" with 87 days. I forget
why I rebooted though, and I may have to reboot again, but
it's not because the box is futzed up, unlike certain
other offerings whose name shouldn't really be mentioned in COLA
(but often is anyway, mea culpa :-) ).
Hmm...a relatively new port, 1433, showing up on my
firewall trap logs [*], along with the usual 1026 (calendar
access protocol/messenger spam), 1027 (ditto), and 123
(NetController).
Google coughs up
http://www.linklogger.com/TCP1433.htm
and it's another set of malware looking for vulnerabilities
in That Other Software again, this time in SQL Server.
Fortunately, I don't run SQL server -- I doubt many people
do, at home, unless they're running a VB/.NET-based business.
http://isc.sans.org/port_details.php?port=123&repax=1&tarax=2&srcax=2&percent=N&days=40
is interesting in that 123 is showing a massive spike
this week, from a noise floor of about 400 to almost 9500
sources -- a gain of more than 20x. Was somebody trying
to do something cute with a botnet....?
http://isc.sans.org/
shows a slightly disturbing world map, with over 75%
of stuff marked "other". This means that there's a
well-established noise floor, though I'm not sure how much
of this is malware flitting about, and how much is simply
mistagged legitimate traffic.
http://isc.sans.org/survivalhistory.php
details "survival time" -- the time between attacks on
average. This is currently running at about 24 minutes
from the time one plugs into the Internet to the time a
virus meanders in and makes an unpatched non-Linux machine
a Zombie(tm).
On average. Could be 48 or even 96 minutes -- or could
be 30 seconds. No way to know.
Worry? What worry? With Linux, I don't have to worry
nearly as much, though in all fairness a good chunk of
my defenses are in non-Linux hardware -- I frankly don't
know what my router is running. (I doubt it's Windows
XP Embedded Edition, assuming such a thing even exists.)
This makes anything behind my router safer. Could be
Linux. Could be Microsoft Windows. Could even be an
1802-based custom computer unit, were I interested enough
to try to wire in a NIC to the silly thing (with 4K of RAM
it would be hard-pressed to handle anything even remotely
resembling network traffic, though I suppose I could
rewire it to handle 64K were I really all that interested,
which I'm not).
I think a lot of DSL or cable installations will have such
firewalls/routers -- shipped for "free" as part of the
service. I don't know regarding wireless, and of course
those phoning in using old-style 53k telephone service will
probably be running through the Internet streets "naked".
Those may be the ones at the most risk. Fortunately,
stores selling wireless-capable laptops will also sell a
virus protection package.
There are those that might claim Linux advocates are in
an ivory tower, oblivious to what's really happening.
Well, maybe we are. After all, we're not the ones
who have to delouse our boxes every 6 months (weeks?
days??) or so because some twitterpated opportunistic
worm/virus/spyscript decided to wander in and make it
its home.
How exciting does one want the Internet to be? :-)
[*] an interesting capability I discovered some months back
on my existing router is the ability to throw SNMP traps.
It's not an expensive router either.
--
#191, ewill3@xxxxxxxxxxxxx
Windows Vista. Because it's time to refresh your hardware. Trust us.
|
|
