Spyware on FreeBSD?
Ted Mittelstaedt
tedm at toybox.placo.com
Thu Jul 14 16:19:01 GMT 2005
>-----Original Message-----
>From: owner-freebsd-questions at freebsd.org
>[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Gayn Winters
>Sent: Wednesday, July 13, 2005 9:49 AM
>To: questions at freebsd.org
>Subject: Spyware on FreeBSD?
>
>
>I was wondering if anyone had had any trouble with spyware on their
>FreeBSD systems, or if we are too small a group of consumers for the
>spyware vendors to attack?
>
we are too small a group of consumers for the spyware vendors to attack.
Keep in mind that spyware only works if you have a critical mass of
systems
that are configured absolutely identically, with the same software.
However, UNIX systems are vulnerable to custom attacks by crackers, if
you
are running versions of software that have been found to be insecure,
that
is why there are CERT advisories all the time on UNIX software. But,
while a cracker could break into a system that was running an insecure
version of Apache, for example, there simply are not enough UNIX servers
on the Internet for an automated cracking program, like a typical Windows
virus, to propagate. Also, you cannot depend on the same versions of
software being present even on UNIX hosts that are running the same
insecure version of Apache, so a successful crack almost always requires
an actual live body.
Things are much more divergent than in the days of the Morris Internet
Worm.
This is one of the areas that diversity = strength. The fundamental
downfall
of Windows systems have always been that any attacker can assume that the
Windows system he is attacking is configured the same as 10,000 other
Windows systems out there, running the same software.
Ted
More information about the freebsd-questions
mailing list