Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Question about hackers...

  1. #1

    Question about hackers...

    Have any of you ever heard someone say that hacking into windows machines is at times harder than hacking into a linux machine?

    From all that I have heard and read, the opposite is true. Can someone clear this up for me?

    /Armed

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    134
    It all depends on the person who has set up the machine. If someone has a password then it doesn't matter what system they are on. It all depends on techniques, but there are certain things about windows that makes it less secure in general. Like there coding, that is why there are so many buffer overflows. Also windows goes out of its way to make everything easier. This also can lend to some of this, it helps a less experienced administrator set up a network and communicate with other hosts.
    Sysmin Sys73m47ic
    -The Hacker Pimps
    -Development Team {FuxorWRT}
    http://www.AntiOnline.com/sig.php?imageid=563

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    To protect the innocent, I shall not name names, but I know several guys who hang around AO who would set up an MS environment that was difficult..........OK they would probably use Unix on their servers?

    If you will accept an old fart's joke................ yeah I have windows 2.03 on an HP Vectra VS 12..........anyone fancy hacking it?...................I actually have that machine, but the Windows is so old that attacks do not see it?

    Cheers

  4. #4
    If you will accept an old fart's joke................
    fart:

    1. To expel intestinal gas through the anus; break wind.
    2. To fool around; fritter time away.

    n.

    1. An often audible discharge of intestinal gas.
    2. An annoying or foolish person.



    __


    Come on nihil, that doesn't sound like you too much.....

    I like to joke as well.... Hahah...

    /Armed

  5. #5
    Senior Member
    Join Date
    Jun 2003
    Posts
    134
    There are lots of computer old farts. I am glad that I am not one of them. Lol
    Sysmin Sys73m47ic
    -The Hacker Pimps
    -Development Team {FuxorWRT}
    http://www.AntiOnline.com/sig.php?imageid=563

  6. #6
    windows 9x has no real multi user capabilities, unless you install sub7 on it. so to an extent it is fairly secure from a few standpoints. but then again it has **** for physical security.

  7. #7
    Senior Member
    Join Date
    Mar 2003
    Posts
    301
    Originally posted here by sysmin770
    There are lots of computer old farts. I am glad that I am not one of them. Lol
    Well atleast not yet haha

    PeacE
    -BoB
    #!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
    ($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
    Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
    ,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)

  8. #8
    Armed
    Have any of you ever heard someone say that hacking into windows machines is at times harder than hacking into a linux machine
    I guess it depends on how Uber you are and if the conditions are right.

  9. #9
    In my opinion... A linux system is only as strong as its admin... Correct me if I'm wrong... But Linux is open source, therefore there are no-auto-updates... The sys admins need to take matters into their own hands by getting patches for exploits or, by coding them themselves... Windows on the other hand has frequent updates for security bugs... Not that this is a good thing... I have only used linux for a lil while, and I have used windows for a longer time... So,my opinion is bias But all in all, I believe that linux is only as good as the admin running it... But I believe that windows is only as good as the person remembering to set up the firewall and run the updates... I guess its a tie...

  10. #10
    Senior Member
    Join Date
    Mar 2003
    Posts
    245
    All personal bias aside, yes a default load of any NT based product just might be more difficult to break into
    than a default load of any Unix with the exception of OpenBSD, and (Trusted)Solaris[1].

    There are a few things that make this true.
    1) Most black-hat's run a Unix, hence exploits and technique's for compromising Unix-based systems
    are in great supply due to tinkering on one's own machine and developing it into a proof-of-concept,
    and it later becomming a widely used exploit. This is how almost all exploits get started.

    2) Gaining root on a Unix-based system is much more useful than SYSTEM on an NT-based host. Modern
    Unix OS's are a networking operating from the ground up and lend themselves to many more ways of
    doing new and nasty (as well as good) things on a network. Hence they are attractive targets. I know
    of quite a few black/grey/white-hat's that don't really know or care much about Windows&trade;.

    3) Unix OS's are likely to have ftp, telnet, ssh, smtp, rsh, rexec, finger, http, identd, nis/yp, X11, rpc, and a host
    of other network daemons running after an install. A default install of Solaris 9 for example has _A_TON_ of
    daemons active and listening. Since these are the only way a Unix box can be remotely exploited
    turning these off is critical

    4) Default accounts. A problem that has plagued many Unix OS's, but most notably Tru-64 UNIX, HP-UX,
    and IRIX. IRIX for example used to allow remote login of the user lp (printer daemon) with _no_ password!

    5) Unix systems tend to be the important ones on the network, such as mail, http, finanical/HR, backups,
    super-dooper-secrets, SQL, and security hosts (firewalls, nids, proxy, etc.). This is not always true of course,
    but at most companies I am aware of that run a mixed Unix/NT environment, the above is how it works out.

    6) Unix is _much_ older than Windows&trade;. The art of cracking system security was born in the Unix
    world, not DOS/Windows&trade;. Don't believe me? Read Phrack Magazine from the first issue on, DOS/Windows
    didn't start showing up until 1993 and doesn't start showing up frequently until 1996.

    There are of course some misconceptions about Unix security which should be pointed out.
    1) Unix is Open Source: This is absolutely _NOT_TRUE_. Linux, FreeBSD, OpenBSD, and NetBSD are
    Open Source, that is true. Solaris, AIX, IRIX, HP-UX, Tru-64, BSDi, SCO, and the rest of the commercial
    UNIX&reg; OS's are in many ways more closed source than Windows&trade;. While an intern at a certain
    UNIX vendor, I read and signed an 18 page Non Disclosure Agreement just to work on a very small part
    of the driver code for the printer daemon (under stringent supervision I might add).

    2) Unix is very insecure by default: False. A vulnerability in the daemon, or some other horrific oversight
    in default configuration has to render a service vulnerable before it can be attacked. Having 30 listening
    daemons doesn't necessarily mean any of them are exploitable.

    3) Frequent security patches indicate an insecure OS: Would you rather have a patch for that bug this
    week, or next quarter? It is silly to suggest that releasing one large patch 3 times a year means the
    respective OS is more secure than one with multiple updates issued every month as they come up.

    Sorry for being such a nerd with my reply. This topic hits close to my checking account, and as you can
    tell I have some opinions about it.

    -- spurious

    [1] NSA SE Linux (included in 2.6 series kernels) and TrustedBSD not mentioned as they are not yet
    what could be considered a default install.
    Get OpenSolaris http://www.opensolaris.org/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •