You seem to misconstrue what exactly
a rootkit is. It’s not an exploit as
a result of some programming error,
it’s a means of maintaining access
to a system, preferably unintrusively and undetected. The rootkit itself doesn’t provide a
means to compromise a system, an
vulnerability does.

For that matter, operating systems
like OpenBSD have their source so heavily scrutinised that remote exploits are very few and far between. Not only that, but the way
the kernel is designed, it actively
prevents processes that are not executed as root to run without some sort of privilege escalation. So, with programmes such as chkrootkit and rkhunter taking care of the current generations of rootkit signatures, most Linux/BSD users with a clue about their operating system shouldn’t have any trouble with rootkits.

Try reading a book before posting
about topics you clearly know nothing
about.

With an exploit. Ever heard of root
privilege escalation? Try a secure OS
like OpenBSD. 2 remote exploits in over 13 years.

So, how much are you paid per comment?

Just 50 cents :(

and everyone pointing to ubuntu as a way to avoid them really needs a frickin clue, using precompiled source that does shit to your system you have no clue about is just asking for trouble. And before you say ‘oh but it’s all checked before sent to repositories’ just check the bug traq’s to see the number of exploits that get approved and sent into the repositories only to be discovered later on.

Thank you, a longer post let me almost “get to know you” betterish and I apologize for any harsh tone. Sometimes I’m just bitchy, and the Interblags bring that out in me. Sorry if I had a lack of respect.

But yeah, no matter what you’re running it’s pretty much mandatory to… well, know what you’re doing. Yeah. (Working on it!) Like, don’t let yourself ever use IE, don’t even think about connecting to the Interwebs on Windows without an AV prog already installed… av crap on flash drive… goodstuffs.

[QUOTE/]regxzrexg[QUOTE]
bla.blaa

1

2

3

So, how much are you paid per comment?

- Make a backup of your pristine OS right after installation before you connect anywhere including the internet. Norton Ghost is great for this task.

- Have a LiveCD to boot from and to do recovery tasks like SystemRescueCD or backtrack, I do use SystemRescueCD though.

- Using your LiveCD backup all your data to a safe place and restore the HDD with your pristine backup and put back all your data in it and that is it, doesn’t get more easy than that.

Security doesn’t depend on just your hardware and software, it depends on good pratices too.

If you want a linux distro that’s actually good for something other than coding, Backtrack is the shizzle

Hmmm…I say the following:

“If you want a /win/mac/linux distro that’s actually good for something other than coding learn to debbug that’s the shizzle and will not matter what OS you choose.” LoL

70 Jul 03, 2009 at 21:37 by F.G.

There’s anyway that I can verify if I was infected?!

YES! there is but I do not know of any automated system or easy way of doing it and to keep it simple I will just point you in the direction so you can research on your own.

- Hash the entire file system before any infection can occur this means before you connect to the internets LoL

- Have a live CD. Can be windows, linux or other thing you like. And yes you can make liveCDs from windows it’s just hard to do it.

ps: to make the database you can use an integrity checker or GIT. GIT can check differences in under a minute in the entire OS

- Run the LiveCD and confirm if anything have changed in the system on your HDD with the hashs you did before and look for suspicious files added or modified without any updates being made.

You see rootkits or what people understand to be rootkits cannot run without accessing the main hard drive if you boot from something else and preferably a different OS than the one you have installed, you can scan that disk and not have the rootkit have a chance to disguise itself. Use a virtual machine(VM), hash it and get it infected so you can see exactly what changed and what to look for in your main system.

ps: The first couple of times this will be hard very hard to do it but as you learn what to look for and what to ignore it becomes easy and easy or pay someone to do it for ya.

And people interested in those kind of stuff can research “digital forensics”

katrizzle is bang on saying that most people code to attack windows machines, they pwn the market share it only makes sense, BUT, there are plenty of nasties for linux, and if you don’t believe it, google for the security patch statistics, might be a little skewed now as MS has like 3 main os’s all going, but linux always wins, which is good, they fix shit quick, but the totally dominate in numbers of fixes.

Whens the last time you downloaded any linux distro and didn’t have to install package updates?

keep telling yourself just cause you use linux you are safe, enjoy the pain, my windows box is just as secure as any linux box, and *most* linux users know how to protect themselves, until you start spreading false info about how secure it is and people with no clue how to secure it start installing it. And downloading it from torrents when all linux distros are available via SECURE torrents, no TPB infected crap.

“How the crap does this attack WORK anyway? If your browser is properly set up, you DON’T get affected by drivebys.”

Lets say you allow scripts on your favourite site, blocking most ads, but allowing scripts. Then, unbeknown st to the site owner an ad is replaced with malicious code, or even the site itself.

Lets say you need capcha or some other bs to login, that’s where they get you. I can’t speak for this case, but as most people know, torrentreactor is a bs site with nothing but fakes and crap anyways.

That’s how this stuff usually works.

Use FireFox in whatever OS you use, if you use windows, make sure you secure it, if you migrate to linux, LEARN how to properly use it.

For windows to linux noobs, i suggest ubuntu or Fedora Core, as they are very very easy to use and most windows users will feel at home.

If you want a linux distro that’s actually good for something other than coding, Backtrack is the shizzle