£10,000 Prize for Linux Virus Challenge Re-Issued
mutantcamel writes "Eddie Bleasdale, the director of NetProject, has been offering £10,000 to the first hacker to infect his Linux machine with a virus for the last two years, and so far no one has hit the jackpot. He's re-announced his challenge to virus writers following a Gartner report which told IT depts. not to trust MS server software because of recent worm attacks on their servers, but a Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins."
I think it was on the FreeBSD website that I recently saw something along the lines of "four years without a remote exploit in the default install". Can either Microsoft or the Linux community claim that? Of course not. But the point is, it IS POSSIBLE; you can't just blame sysadmins, the vendor needs to accept some responsibility too. It shows that if a vendor really feels strongly about security, then it is possible.
On a side note, I struggle to believe that MS isn't legally responsible for damage resulting from defects in its products, or that if they aren't (via EULAs) that people accept this blithely, MS has had a pretty lax attitude up to now.
The patches for holes that Nimda took advantage of had been available for months. The relevant BIDs can be found here: Analysis-Nimda-v2.pdf
http://aris.securityfocus.com/alerts/nimda/010921
Before people start slamming the Gartner report again, I hope they've read it. People seem to be under the impression that Gartner said that IIS simply wasn't secure and that other things are better - and that the response to this is 'duh, any machine which isn't updated isn't secure'. That isn't a valid response at all, because what Gartner very specifically said was not that IIS couldn't be secured, but that it is simply uneconomical because of the time and effort it takes to update IIS.
I.e., what they are saying is: 'We all know you need good sysadmins to make sure systems are up to date with security patches, but in the case of IIS you'll have to employ someone to spend all their time doing this, and that simply isn't the least expensive way to go'....
If you had taken time to install these patches you wouldn't have been infected
I agree that systems must be patched. But, let's get real -- from my own experience, installing Microsoft patches is inherently unsafe. I must admit that it has been a while since I dealt with Microsoft servers. However, I was involved in a hot-fix install where 39 out of 40 NT 4.0 servers took patches just fine, but on that 40th, whoa!!! Corrupted registry, blue screen, total failure. Even after restoring from the backup, the patch caused the same failure. According to my client's MCSE, it turned out to be a hosed Microsoft Exchange setup that caused the problem. Perhaps it was my client's fault, but because of their service contract with another third party responsible for Exchange, it took three full days of downtime to get Exchange reinstalled on a patched NT 4.0 installation. My group got reamed for the email downtime when all we did was apply security fixes.
The point I'm trying to make is this: How many admins out there have been burned by applying MS hot-fixes and wait until a full service pack before doing anything, if even then?
When I worked at a certain Very Large Airplane Company, we had a very simple procedure for emergency upgrades:
- Patch the backup server (you do have a backup server, don't you?)
- Fail over to the backup server (you do have a failover procedure, don't you?)
- Patch the main production server
- Fail back to main
Sometimes several days would elapse between the patch/failover/patch and the fail back.... because we had capacity-planned the failover host to be able to run the production floor at full speed, and there was no use slamming things around without necessity. Besides, it was a good test for the failover machine to run for a day or three as production just to see....
Yes, most system incursions are preventable with good patching and good firewalling. Yes, this applies across ALL OSen. Yes, Microsoft code is crappy and the number of security updates is through the roof, but that's not the point of this argument.
The point is that if you can't get an outage to apply a critical patch whose absence may cost you a full reinstall and a week's downtime, you have a management problem and a design problem, not a vendor problem or a sysadm problem..... and you need to be thinking (a) what's the best way to fix this, and if that doesn't give you any good answers (b) where do I want to work next. Because sooner or later somebody's going to 0wN j00, and if your ass isn't grass you'll wish it were.
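The four-step emergency-upgrade procedure in the comment above (patch the backup, fail over, patch the main server, fail back), as an added example that is not from the original thread or any of its posters: a small Python state machine that drives the rotation and refuses to hand production to a node that fails its post-patch health check, which is exactly the "40th server" case described a few comments earlier. The node names, the simulated patcher, and the status strings are assumptions; in real use the two callables would wrap whatever actually installs the hotfix and probes the service.

```python
"""Primary/standby patch rotation with health gating.

Added example; not code from the thread. Everything here (node names,
the simulated patcher, status strings) is constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Set, Tuple


@dataclass
class Node:
    name: str
    patched: bool = False  # set only after patch AND health check succeed


@dataclass
class Rotation:
    """Outcome of one rotation: where production ended up, plus an audit trail."""
    status: str   # "complete", "standby_failed", "primary_failed"
    active: str   # node serving production when the rotation stopped
    log: List[str] = field(default_factory=list)


def rotate_patch(primary: Node, standby: Node,
                 apply_patch: Callable[[Node], bool],
                 health_check: Callable[[Node], bool]) -> Rotation:
    """Patch standby -> fail over -> patch primary -> fail back.

    Production is never moved onto a node that has not passed a health check
    after patching, so a patch that hoses a box costs a rebuild, not an outage.
    """
    log: List[str] = []
    active = primary.name

    # Preflight: "you do have a backup server, don't you?"
    if not health_check(standby):
        log.append(f"{standby.name}: unhealthy before patching; nothing done")
        return Rotation("standby_failed", active, log)

    # Step 1: patch the standby while it carries no traffic.
    if not (apply_patch(standby) and health_check(standby)):
        log.append(f"{standby.name}: broken after patch; production stays on {active}")
        return Rotation("standby_failed", active, log)
    standby.patched = True
    log.append(f"{standby.name}: patched and healthy")

    # Step 2: fail over. The standby now carries production at the new patch level.
    active = standby.name
    log.append(f"failover: production on {active}")

    # Step 3: patch the (now idle) primary.
    if not (apply_patch(primary) and health_check(primary)):
        # The L11 scenario: the patch hosed the box. Production keeps running
        # on the patched standby while the primary is rebuilt.
        log.append(f"{primary.name}: broken after patch; production stays on {active}")
        return Rotation("primary_failed", active, log)
    primary.patched = True
    log.append(f"{primary.name}: patched and healthy")

    # Step 4: fail back.
    active = primary.name
    log.append(f"failback: production on {active}")
    return Rotation("complete", active, log)


def simulated_patcher(broken: Set[str]) -> Tuple[Callable[[Node], bool],
                                                  Callable[[Node], bool]]:
    """Constructed stand-in for real patch/probe commands.

    The patch always installs; nodes named in `broken` fail their health
    check once patched (the "corrupted registry, blue screen" case).
    """
    applied: Set[str] = set()

    def apply_patch(node: Node) -> bool:
        applied.add(node.name)
        return True

    def health_check(node: Node) -> bool:
        return not (node.name in applied and node.name in broken)

    return apply_patch, health_check


if __name__ == "__main__":
    # Constructed demo: the primary's patch goes bad, production stays up.
    prim, stby = Node("web-a"), Node("web-b")
    result = rotate_patch(prim, stby, *simulated_patcher({"web-a"}))
    print(result.status, "->", result.active)
    print("\n".join(result.log))
```

The order matters: the primary is only patched after the standby has proven it can carry production on the new patch level, so the worst case is a single box needing a rebuild while the service keeps running. Replace `simulated_patcher` with wrappers around the real hotfix installer and a service probe (an HTTP request to the app, an event-log scan, whatever "healthy" means for that server) and the state machine does not change.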