Linux-Advocacy Digest #389, Volume #26 Sat, 6 May 00 12:13:05 EDT
Contents:
Re: Linux from a Windows perspective (Pete Goodwin)
Re: This is Bullsh&^%T!!! (Pete Goodwin)
Re: This is Bullsh&^%T!!! (Pete Goodwin)
Re: Linux file system vs. Win/DOS ?
Re: This is Bullsh&^%T!!! (Jeff Hall)
Re: Linux file system vs. Win/DOS ? (mlw)
Re: This is Bullsh&^%T!!! ("Erik Funkenbusch")
Re: Browsers and e-mail (Bastian)
Re: which OS is best? ([EMAIL PROTECTED])
Re: This is Bullsh&^%T!!! (Tesla Coil)
Re: QB 4.5 in Win 2000 ("Tom Hanlin")
Re: Linux file system vs. Win/DOS ? (Tim Kelley)
Re: This is Bullsh&^%T!!! (Ned Nondo)
Re: Browsers and e-mail (Perry Pip)
Off-topic ? ("Alberto Trillo")
Re: This is Bullsh&^%T!!! (Darren Winsper)
Re: apache.org defaced (Ian Pulsford)
Re: Call me Paranoid - Re: What else is hidden in MS code??? (R.E.Ballard ( Rex
Ballard ))
Re: How many more viruses does Microsoft need to fix the problem? (John McKown)
Re: what's the best tool for linux to get IPs? (John McKown)
----------------------------------------------------------------------------
Subject: Re: Linux from a Windows perspective
From: [EMAIL PROTECTED] (Pete Goodwin)
Date: Sat, 06 May 2000 08:34:09 GMT
[EMAIL PROTECTED] (C. Kolin Bakslas) wrote in
<[EMAIL PROTECTED]>:
>Because Linux != Windows!
True
>Linux will never equal Windows.
True
>Linux is way beyond windows,
At the moment, it's way behind Windows. One day, in the (distant) future
maybe it will overtake it. But not now.
Pete
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
From: [EMAIL PROTECTED] (Pete Goodwin)
Date: Sat, 06 May 2000 08:47:47 GMT
[EMAIL PROTECTED] (CG) wrote in
<[EMAIL PROTECTED]>:
>then why doesn't it happen in linux or unix?
>why do the overwhelming majority of viruses, particularly the macro
>and self executing viruses, affect only M$ o/s computers?
It already has in UNIX. There was a virus that executed through a bug in
the sendmail (I vaguely remember). It got fixed though, so it shouldn't
happen again.
Also, could it be overwhelming majority of viruses attack Microsoft etc.
simply because that's the predominant platform? Would we be complaining
about Linux in the same way if Linux became as popular?
Pete
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
From: [EMAIL PROTECTED] (Pete Goodwin)
Date: Sat, 06 May 2000 09:11:20 GMT
[EMAIL PROTECTED] (Erik Funkenbusch) wrote in
<CJHQ4.4653$[EMAIL PROTECTED]>:
>Sorry, ILOVEYOU doesn't access system files. It accesses the users
>address list (which will always be visible to a user, or what's the
>point of having one?) and it overwrites graphic and music files
>belonging to the user. No system files at all.
There's already a variant of the virus that attacks .bat and .ini files.
Pete
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: Linux file system vs. Win/DOS ?
Date: 06 May 2000 10:47:14 GMT
In article <[EMAIL PROTECTED]>, mlw wrote:
>tom wrote:
>Here is a, not too, authoritative break down:
>
>/etc - System configuration files.
>/bin - administration programs needed to fix a machine.
>/sbin - system level programs needed to boot a machine
>/usr/bin - general user programs linked to the main system libraries.
>/usr/sbin - administration tools.
>/usr/X11R6 - The x Window system
>/usr/share - supposedly platform independent files .
>/usr/local - supposedly platform dependent files.
One you seem to have forgotten :
/opt - optional mostly commercial software uses that like
WordPerfect.
I also tend to doubdt your declaration of /usr/local from what I understand
is that /usr/local is used for non-standard programs normally not found on
every machine on your site.
Michael
--
Michael C. Vergallen A.k.A. Mad Mike,
Sportstraat 28 http://www.double-barrel.be/mvergall/
B 9000 Gent ftp://ftp.double-barrel.be/pub/linux/
Belgium tel : 32-9-2227764 Fax : 32-9-2224976
------------------------------
From: Jeff Hall <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Sat, 06 May 2000 07:38:29 -0400
Mike wrote:
>
<snipped>
>
> mail, it's really nice). And, on occasion I still use Netscape mail, which
> is a good mail program, and can launch the worm as well as Outlook Express.
>
> -- Mike --
The unusual characteristic about ILOVEYOU virus is that it spread quickly
because you only had to preview it and it would access the address book and
replicate itself. Automatic preview is the default in Outlook.
Netscape can automatically execute a program. But, unlike Outlook, the program
will be a java applet. And, java was designed from the ground up to be secure
under these conditions, as it runs in a "sandbox" which deliberately prevents
any code that could write to a users disk, as well as other limitations.
http://developer.java.sun.com/developer/technicalArticles/Interviews/Sandbox/index.html
------------------------------
From: mlw <[EMAIL PROTECTED]>
Subject: Re: Linux file system vs. Win/DOS ?
Date: Sat, 06 May 2000 08:51:33 -0400
[EMAIL PROTECTED] wrote:
>
> In article <[EMAIL PROTECTED]>, mlw wrote:
> >tom wrote:
>
> >Here is a, not too, authoritative break down:
> >
> >/etc - System configuration files.
> >/bin - administration programs needed to fix a machine.
> >/sbin - system level programs needed to boot a machine
> >/usr/bin - general user programs linked to the main system libraries.
> >/usr/sbin - administration tools.
> >/usr/X11R6 - The x Window system
> >/usr/share - supposedly platform independent files .
> >/usr/local - supposedly platform dependent files.
> One you seem to have forgotten :
> /opt - optional mostly commercial software uses that like
> WordPerfect.
> I also tend to doubdt your declaration of /usr/local from what I understand
> is that /usr/local is used for non-standard programs normally not found on
> every machine on your site.
Like I said, not too authoratative. I do use an /opt directory, but it
has seemed to fall out of favor as of late, I'm not sure why. Besides my
systems, I only see opt directories on sun boxes.
As for /usr/local vs /usr/share, I have yet to see any real consistency
in their use.
--
Mohawk Software
Windows 9x, Windows NT, UNIX, Linux. Applications, drivers, support.
Visit http://www.mohawksoft.com
"We've got a blind date with destiny, and it looks like she ordered the
lobster"
------------------------------
From: "Erik Funkenbusch" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Sat, 6 May 2000 08:21:48 -0500
Jeff Hall <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> > mail, it's really nice). And, on occasion I still use Netscape mail,
which
> > is a good mail program, and can launch the worm as well as Outlook
Express.
> >
> > -- Mike --
>
> The unusual characteristic about ILOVEYOU virus is that it spread quickly
> because you only had to preview it and it would access the address book
and
> replicate itself. Automatic preview is the default in Outlook.
Untrue. You have to physically launch the attachment. Simply previewing
does not enable the virus.
I wish you people would get your facts straight. I've read this
misinformation dozens of times. It's simply not true.
The reason it's spread so fast is that few people seem to be able to resist
opening an attachment that says it's a love letter.
------------------------------
From: [EMAIL PROTECTED] (Bastian)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Browsers and e-mail
Date: 6 May 2000 13:14:30 GMT
On Fri, 05 May 2000 23:27:45 -0400, mlw wrote:
>
>Given the nature of both systems, i.e. the normalcy of receiving data
>from unknown origins, shouldn't e-mail have the same restrictions and
>safety precautions that browsers have?
I'm pretty sure most browsers have. And I'm also pretty sure that most
users are too careless/stupid/lacking experience to enable them.
Bastian
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To:
comp.os.ms-windows.advocacy,comp.sys.mac.advocacy,comp.os.ms-windows.nt.advocacy,alt.flame.macintosh
Subject: Re: which OS is best?
Date: Sat, 06 May 2000 08:26:58 -0500
On Sat, 06 May 2000 06:48:19 GMT, [EMAIL PROTECTED] (Jim Richardson)
wrote:
>I use the term "features" in it's broadest possible sense. When firing up
>windows it presents you with a login form, it looks real official, it appears
>to be somewhat secure, if you give it the wrong password, it will error out and
>make you try again, but if you simple hit "Esc" or click cancel, it bypasses
>the login and you get to the desktop anyway. It's called a login, but it isn't,
>at best, it's a way to set preferences for several accts, but no files are
>protected, no real security is there, it's just pretend.
You mean the default Windows 95/98 login; this can easily be beefed up
so that if you're on a domain you can't log in to Windows 95/98 at all
without a password.
WinNT / Win2000 doesn't have this problem.
------------------------------
From: Tesla Coil <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Sat, 06 May 2000 08:27:20 -0500
On 6 May 2000, Erik Funkenbusch wrote:
> I wish you people would get your facts straight. I've read
> this misinformation dozens of times. It's simply not true.
>
> The reason it's spread so fast is that few people seem to
> be able to resist opening an attachment that says it's a
> love letter.
"I'll send you a love letter! Straight from my heart...
You know what a love letter is?"
-Frank Booth, in *Blue Velvet* (1986).
``Microsoft, the world's biggest software company,
has not been immune to the virus.
``After detecting the virus on the company network
late on Wednesday, Microsoft's security team cut off
the e-mail system from the Internet in the early hours
of Thursday to scrub its computers clean.
``"We're taking exactly the same precautions that
we recommended to our customers today. We always
use good-quality virus scanners and make sure that
internal users understand that you don't want to run
programs that were sent by somebody you don't know
or that you weren't expecting to get," Culp says.
``However, in midafternoon, a Reuters reporter
received two "Love Bug" faxes inadvertently sent
from a Microsoft public relations officer's computer.
The virus can be sent via computer-controlled faxes
but will not infect fax machines.''
--Reuters report of 5 May 2000.
------------------------------
From: "Tom Hanlin" <[EMAIL PROTECTED]>
Crossposted-To: alt.destroy.microsoft,alt.lang.basic
Subject: Re: QB 4.5 in Win 2000
Date: Sat, 6 May 2000 14:48:46 GMT
On 5-May-2000, "Michael Mattias" <[EMAIL PROTECTED]> wrote:
> Curious rip of licensing, sir, as your shareware products were offered on
> a licensed basis with many of the same disclaimers you now single out
This is, quite simply, untrue. Perhaps you are thinking of someone else?
My licensing is brief and in clear language, and basically just covers these
points: you can distribute the trial versions freely as long as you don't
modify them; you can't distribute the files that are unique to the
registered version; and I can't guarantee that everything will work on every
possible computer configuration.
On that last point, I should not that the trial versions are always fully
functional, so it's always possible to test before buying. The registered
versions typically come with full source code, allowing you to make your own
modifications if you really really need to get that one routine working on
your Unique Enigma-brand embedded microcontroller.
--
Thomas G. Hanlin III, Programmer At Large
home: http://www.tgh3.com - programming tools & libraries, games and things
work: http://www.powerbasic.com - DOS & Windows BASIC compilers & tools
------------------------------
From: Tim Kelley <[EMAIL PROTECTED]>
Subject: Re: Linux file system vs. Win/DOS ?
Date: Sat, 06 May 2000 10:09:48 -0500
Reply-To: [EMAIL PROTECTED]
mlw wrote:
> Like I said, not too authoratative. I do use an /opt directory, but it
> has seemed to fall out of favor as of late, I'm not sure why. Besides my
> systems, I only see opt directories on sun boxes.
>
> As for /usr/local vs /usr/share, I have yet to see any real consistency
> in their use.
from the filesystem standard:
"The /usr/local hierarchy is for use by the system administrator when installing
software locally. It needs to be safe from being overwritten when the system
software is updated. It may be used for programs and data that are shareable
amongst a group of hosts, but
not found in /usr."
I think /usr/share is just for platform independent application data files (gimp
brushes, dictionaries, icons, wallpapers, etc), not programs, as it doesn't
replicate a "/" structure (with /bin /etc /sbin) as /usr/local does. Ooh unix
is sooo organized.
--
Tim Kelley
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: Ned Nondo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: Sat, 06 May 2000 15:14:33 GMT
Jedidiah,
> Binaries could be run afterwards.
>
> They won't run automatically.
>
> They won't be run merely by viewing them in a mail application.
>
Can you tell me how to get Outlook/OE to automatically execute
the attachment. I emailed the "I love you" vbs file as an attachment to
a temporarary e-mail account and grabed it from 5 different machines
running Outlook. I viewed the email without anything getting sent out
on any ports. I believe there were some issues with the Preview pane in
Outlook a while back but there were fixes for that.
Thanks,
Ned
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Perry Pip)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Browsers and e-mail
Reply-To: [EMAIL PROTECTED]
Date: Sat, 06 May 2000 15:27:07 GMT
On Fri, 05 May 2000 23:27:45 -0400, mlw <[EMAIL PROTECTED]> wrote:
>
>Given the nature of both systems, i.e. the normalcy of receiving data
>from unknown origins, shouldn't e-mail have the same restrictions and
>safety precautions that browsers have?
>
They surely should. Web browsers routinely run Java Applets and Javascript
without being able to infect systems with viruses. This is because Java
applets and Javascript, when used over the web, are limited in that they
can't do any file i/o on the clients system. Nor can they open network
connections except with the sending web server. This has been that way by
design by Sun. There is no reason some sort of limited applet or scripting
language can't be used and standardized for dynamic email content.
There may other approaches that can be taken as well. For example, having
all email attachments be suid and sgid to some powerless built-in user.
But there would be some other issues in implementing something like that.
Nonetheless, if enough developers brainstormed the problem they would come
up with something.
I think Windows advocates are correct when they say a virus like this
could just as easily affect Linux if Linux were popular. But what they
fail to see is just how the Linux developer community would respond to
such a problem. Somebody would actually *innovate* a solution to the
problem. But Microsoft would rather not have to innovate a security
solution as long as they can get away with having consumers believe it is
something they have to live with.
Perry
------------------------------
From: "Alberto Trillo" <[EMAIL PROTECTED]>
Subject: Off-topic ?
Date: Sat, 06 May 2000 15:34:25 GMT
I do not know if this post is off-topic or not, may be a little. The
last Microsoft related famous virus (I LOVE YOU) has made
me though about how can it be proved that a person is its
programmer ? Are logs accepted by the law ? Aren't logs too
much easy to be false ? Can anyone give me a little of light ?
------------------------------
From: [EMAIL PROTECTED] (Darren Winsper)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: This is Bullsh&^%T!!!
Date: 6 May 2000 15:36:58 GMT
On Fri, 05 May 2000 23:43:26 GMT, Jeff Szarka <[EMAIL PROTECTED]> wrote:
> :c) UN*X attachments are rather rare :)
>
> There were no e-mail virii for Windows till a year or two either. Just
> wait. If the market share ever makes Linux a worthy candidate for
> virus attacks and it'll happen.
Linux has a market share RISC OS users could only dream of, yet there
were plenty of viruses for it.
--
Darren Winsper (El Capitano) - ICQ #8899775
Stellar Legacy project member - http://www.stellarlegacy.tsx.org
DVD boycotts. Are you doing your bit?
This message was typed before a live studio audience.
------------------------------
Date: Sun, 07 May 2000 01:36:45 +1000
From: Ian Pulsford <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: apache.org defaced
Drestin Black wrote:
>
> http://www.attrition.org/mirror/attrition/2000/05/03/www.apache.org/
>
> say... what's that at the bottom of the page?!
It looks to me like the gif is taking the piss out of Backoffice. Check
out the little pop-up "Powered by WUT?" when you put your pointer on it.
IanP
--
"Dear someone you've never heard of,
how is so-and-so. Blah blah.
Yours truly, some bozo." - Homer Simpson
------------------------------
From: R.E.Ballard ( Rex Ballard ) <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Call me Paranoid - Re: What else is hidden in MS code???
Date: Sat, 06 May 2000 15:44:35 GMT
In article <[EMAIL PROTECTED]>,
dakota <[EMAIL PROTECTED]> wrote:
> In article <xG4Q4.4326$[EMAIL PROTECTED]>, "Erik
> Funkenbusch" <[EMAIL PROTECTED]> wrote:
> >R.E.Ballard ( Rex Ballard ) <[EMAIL PROTECTED]> wrote in
> message
> >news:8eqid8$d5p$[EMAIL PROTECTED]...
Who knows, maybe the author of the "Love Bug" virus was
using my system for a "test". :-)
> >> It looks like we'll never know. For some mysterious reason,
> >> my hard drive lost all it's partitions. I examined the
> partition
> >> table, it was filled with zeros.
Interesting that this program was one of the ActiveX warnings
I posted earlier in this thread. As were several components
of the "I love you" zip virus. It appears that someone took
the ActiveX controls from the prevention site and bundled them
into a nice VBA.
> >> To make things even more interesting, each time I tried to
> >> repartition the drive, it refused to remember the
> partitioning.
> >> Prior to this no virus detectors went off.
Notice that none of the "love bug" components were detected
by Macaffe or Norton or any of the others. I would have thought
that the ActiveX controls in question would have triggered the
virus detector.
Of course, virus detectors focus on content stored on the disk drive.
A hacker component embedded in a web page would only show up in
RAM, and perhaps in the cache directory (first thing the hacker would
do is remove the tmp file).
> > All very convenient Rex. I won't call you paranoid, I'll call
> > you stupid if
> >you think anyone here falls for this.
I'm not saying that Microsoft targeted me. But I do think it's a
strange coincidence that less than 24 hours after I post this
article, and less than 5 days after posting the warnings to this
thread, that the "Love Bug" suddenly goes out and does everything
I just described. (If you open the file, it renames your office
files, encrypts them using different keys, and sends you password
files and posting history (including all the cgi string values)
to someone via e-mail.
The local San Francisco News station opened the virus in a an
isolated computer to see what it would try to do. It did all
of the things described above. I'm curious whether there might
be a time delayed "wipe the partition table" bomb waiting to
go off?
> >> I'm hoping that the manufacturers can salvage the drive, but
> >> this was one nasty buggy. Not only did it cost me $6000 in
> >> billable time (spent trying to rebuild the disk then
> >> waiting for a replacement to be shipped via overnight),
> >> it also put my client in a bind.
> >
> >Sounds like you're at fault for not making backups.
I did make backups, and restored them as soon as I had a
functional drive.
> >> Well, now the drive is going back to IBM.
> >> Maybe they can figure it out.
IBM is the drive maker. I've raised the problem to sev 2,
which was as high as I could raise it.
> >Uh huh.
> >
> >> What makes this particularly interesting is that
> >> each change in state occurred right after I
> >> went to the web using IE5. I normally use Netscape.
> >
> >I'll bet dollars to doughnuts that nobody
> > at prudential has ever heard of you.
Bad bet. You haven't read my Resume have you. Unlike
so many of the Microsoft advocates who use pseudonyms
and avoid using personal names, I've been including
my URL which includes detailed information (including
telephone numbers, cell phone numbers, and detailed
biographies and resumes).
I worked at Prudential for almost 2 years, in the corporate
information technology department, helping to define standards
for the entire enterprise. I left Prudential to join IBM when
I found out that IBM was backing Linux.
As for which client I was working for at that time, it's
not difficult guess.
> Sounds like another troll grasping at straws.
I've written how many postings to this group?
Perhaps you simply assumed that it wasn't Rex Ballard
posting to the group. It's certainly possible, since
I post via Deja News (which could theoretically have
let someone who knew my userid and password post this
message).
> * Sent from RemarQ http://www.remarq.com
> The Internet's Discussion Network *
> The fastest and easiest way to search and
> participate in Usenet - Free!
--
Rex Ballard - Open Source Advocate, Internet
I/T Architect, MIS Director
http://www.open4success.com
Linux - 60 million satisfied users worldwide
and growing at over 1%/week!
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (John McKown)
Subject: Re: How many more viruses does Microsoft need to fix the problem?
Date: Sat, 6 May 2000 08:18:05 -0500
On Thu, 04 May 2000 20:04:14 -0400, mlw <[EMAIL PROTECTED]> wrote:
>
>OK, MS has more than ample warning, more than ample time to make sure
>that this sort of thing does not keep happening. What the F&^k guys? Is
>Microsoft so inept that they can't protect their own e-mail programs? I
>just don't understand why people are not going after MS in court. After
>all, if someone dies in a minor car accident, the car maker is usually
>held responsible. Why shouldn't a software maker be held responsible if
>they do not practice reasonable competence in security.
>
OK, I'll be flamebait <grin>.
This is not entirely Microsoft's fault. Microsoft created the concept
of being able to have a universal scripting language in all of their
products (come to think of it, so does Applixware). This is a good concept.
It allows a programmer to learn a language which can then be used to
customize almost all of their products. Unfortunately, Microsoft made the
language TOO POWERFUL. I cannot think of any reason why an applications
programmer, in a script, would need to create/delete/modify registry keys.
Most of the time that should only be done during a program installation,
at least in my opinion.
The main place where I see Microsoft being responsible is that Windows
just has crummy (or non-existant) security. Now, with Win2K, they have
"tightened" up some of this. I had to install Win2K on my home machine
(thankfully I could under VMWare). Of course, I installed with the
Administrator id (aka "root"). But in Win2K, I found that I could add a
user who could NOT install any software or update any "System files"
(Restricted User). I don't know if this is available under WinNT. I know
that it is NOT under Win9x. So maybe they're trying. Of couse, you must
shell out a lot of moola to upgrade to Win2K. And that may require upgrading
hardware. Lots of money! Especially in a corporate environment.
Will upgrading to Win2K "fix" this? No way. I like the people in the LAN
group at work (I'm in the dinosour (mainframe) group). However, I doubt
that they will put anybody in the "restricted user" group when they roll
out Win2K (if they do). Why? It is a "bother" to have to go to each PC
to install upgrades. So they modify the LAN login script to do it. I'm
not sure, but if the login script runs under the authority of the local
user, then the local user can't be "restricted" or this won't work.
So they'd have to personally go to each workstation to install new
software. No way. Especially since some user's are in a different state!
Home users won't use this for the same reason.
However, the main cause of this particular virus/worm exploding all over the
place is the fact that some people are using computers who are just plain
stupid. I received the ILOVEYOU virus at work. From somebody I don't even know.
Am I stupid enough to double-click on it? No way! What did people think?
Or are they that curious (I'm not!)? To me, double clicking on an email
attachment is like drinking some liquid that a stranger leaves on my door stop.
Who knows what that is? Why would I drink it? It may be water. But I'll
bet it isn't! I don't even like the fact that "work orders" are sent to me
via MS-Word attachments to email. Why do they use Word instead of just
typing in the requests? Because the programmers created a Word macro which
prompts the person for the information and creates a "pretty" request form.
Is this bad? Not really. The problem, again, is that this scripting language
is TOO POWERFUL.
Now for the flamebait!
This could happen to Linux! For some reason that I don't understand, a lot
of Linux people want Linux to become the universal desktop, replacing Windows.
To do this, Linux must give the average (foolish) user all the "advantages"
that they have under Windows. That includes "active content". And embedded
scripting languages. So now you have (for instance) an integrated office
suite. It has LinuxMail, LinuxWord, LinuxCalc, LinuxPresents, LinuxScript, etc
Users want to send their LinuxWord documents via LinuxMail. No problem.
Receiving users want LinuxMail to start up LinuxWord to view the document.
No problem. OOPS the LinuxWord document is a worm/virus written in LinuxScript.
Now is where the problem COULD occur. Due to demand, LinuxScript must be
very powerful. The vendor decides, what the hell, let's run LinuxScript as
setuid(root)! That will decrease the support calls due to Linux enforcing
security on files, won't it? Now the LinuxScript worm could replace any system
file and your Linux system is toast.
Knowing the PHBs that control IT, the above could happen. Especially if the LAN
folks are not really UNIX literate. What is "setuid(root)?" I can hear them
say.
All I'm saying is that although Microsoft has ignored security in favor
of "glitzy" features, the problem is and will always be mainly people. When
'Jill User' finally understands that there are people out there who get their
jollies from causing chaos, and decides to take some responsibility for her
own actions, then this sort of thing will become much less prevalent. But too
many people (especially in the US), are "feed me, bathe me, do everything
for me" types (wow, watch me get killed for that comment!).
"No system is fool-proof because fools are so ingenous."
John
------------------------------
From: [EMAIL PROTECTED] (John McKown)
Subject: Re: what's the best tool for linux to get IPs?
Date: Sat, 6 May 2000 08:51:38 -0500
On 28 Apr 2000 11:03:32 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
>I'm looking for a program to trace IPs on linux,
>one that get's by firewalls and stuff.
>Does any one know of a program like that?
>Thankx!!
If you want to trace what's coming into your own PC, then you can run
tcpdump against the eth0 (or eth1 or ppp0) interface:
tcpdump -i eth0
If you want to trace all the packets that are flowing around your ethernet
segment, then I think that the "etherape" program on http://freshmeat.net
will do what you want. I've not used this program, but just remember seeing
it there.
John
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
