Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Where's the "one click exploit" for Linux?

__/ [ ed ] on Sunday 01 October 2006 15:52 \__

> On Sun, 01 Oct 2006 14:34:16 +0100
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
> 
>> You completely forgot use-search-engine-to-compromise-box type of
>> exploits. You see, with Windows. some exploits only require that you
>> visit a Web site that has snuck into search engine results pages
>> (SERP's). This has led Google to going as far as scanning pages for
>> exploits rather than just caching and indexing them. Windows has
>> increased the workload for services.
> 
> That is so true.
> 
> Before we could host a gazillion email domains on a low end box, now
> that O/OE can become a virus mill and clog the servers we have to scan
> every email that comes our way for viruses. If we ignore to check the
> mail very soon an OE mail client will become a virus mill. It will be
> exploited and begin clogging mail servers, which then leads to our /19
> getting listed at RBL sites. Not something we want.
> 
> This extra work has changed our network, we now require a huge CPU
> overhead to scan mail. That pushes our profit margin to breaking point.
> BUT, when this was done on an Exchange server (before my days at the
> company) we needed dual/quad boxes to handle the load, the
> administration was manual. Through UNIX we have changed much for the
> better, now we have a handful of boxes operating smoothly and is fully
> automated.
> 
> We also don't have to spend an ass load on exchange licences. Perhaps
> this was MS's goal, make the mail server do more work, thus original
> work has to spread over more boxes, more boxes = more licences.
> 
> For 5 PC's to do this work (I'm not going to compare throughput here,
> just the cost of 5 PCs to do the job).
> 
> MS stack:
> 
> MS exchange: 276.53
> MS Windows 2003: 217.98
> Virus scanner: 40
> Uptime: ~90-180 days
> 
> Linux/BSD stack:
> 
> Debian/OpenBSD: Free
> Qmail: Free
> Scanner: Free
> Uptime: 600days, and counting
> 
> This comparison extends also to our web farm. But more importantly the
> DNS.
> 
> DNS had to be managed via the MS DNS administration controls. This was a
> real pain. The control took forever to load about 10,000 domains. That
> was a real strain, on end users and administrators. Point being, when
> the DNS server had to reload it would be offline for about 20 mins, it
> would physically stop working.
> 
> Thanks to the free licencing of Linux/BSD we could implement a better
> DNS cluster and control the records in a database. This allows us to
> make bulk changes and updates in a fraction of the time.
> 
> Windows trolls, put that in your pipe and smoke on it. The business has
> a minor licence fee by comparison. My regret is that through their
> continuous trolling companies in the UK are loosing money and it hurts
> our economy. If only I could reach all the businesses here and
> help/allow them to convert then we would be much stronger economically.

Ed,

Months ago some discussions revolved heavily around the fact that Windows
zombies (botnet) have changed the WWW landscape entirely. The effect of SPAM
(the vast majority of which is spewed out by Windows), for example, are
increased fees (ISP's), inbox bloat (also affects non-Windows users), and
overall congestion (slow connections). And that's just SPAM. DDOS attacks
start an entirely new type of discussion.

The effect Microsoft had on the Web will never be forgotten. I will never
forgive Microsoft for those attacks on my Web site, as well as my E-mail
accounts. Imagine what nerve they must have as they refuse to patch critical
bugs for which exploits already exist 'in the wild'. Imagine the cowardly
Gates who now retires, having promised in the beginning of 2004 that SPAM
would vanish within 48 months. Its scale of attacks only grows by the day
and new ailments crop up by the day, which make everything more malignant
and more severe. The crackers get smarter; Microsoft only gets more stupid.
As I said before, the Internet gradually enters its dark ages. And it repels
many users, kills the use of common comminication methods, and makes
businesses reconsider e-commerce.

Best wishes,

Roy

PS - that thing that replies to you -- just killfile it. It's not worth your
time.

-- 
Roy S. Schestowitz      |   McDonald's Certified Sandwich Engineer (MCSE)
http://Schestowitz.com  |  Open Prospects   ¦     PGP-Key: 0x74572E8E
Tasks: 129 total,   2 running, 126 sleeping,   0 stopped,   1 zombie
      http://iuron.com - knowledge engine, not a search engine

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index