At 4/23/01 02:36 PM -0400, you wrote:
>I recently posted a way to check your system so verify a hack attack. I
>did forget to mention that MIPS processor systems are unaffected by
>almost all hack attacks. They use a different type of processor and
>therefore are not affected the same way.
Bullshit. Utter, complete, unadulterated bullshit.
The processor architecture is different and the processor code is
different; hence, programs need to be recompiled to run on those
processors. That is the extent of the difference.
The *consequence* of that difference, together with the fact that most
script kiddies are actually stupid and are only trying stuff they
downloaded (compiled for the x86 architecture) means that those rootkits
and worms *compiled* for x86 won't work. This is probably over 90% (maybe
99%) of hack attempts.
HOWEVER, this does not make you "safe" in any way. Bind, for example, is
subject to the same vulnerabilities on all platforms. So are most programs;
the only difference is that a stupid script kiddie will not then be able to
get his favorite rootkit to run. But a hacker with any education at all, or
a stupid script kiddie with a MIPS-compiled tool, will still rape you
quicker than you know...
...particularly if you subscribe to the bloody stupid myth that "MIPS
processors are unaffected by almost all hack attacks" and thus proceed to
develop a false sense of security or, even worse, instilling such a thing
in others.
>Sorry for the confusion. All of you with MIPS can breathe a sigh of
>relief. =)
More like "All of us with MIPS can thank God for small mercies, and worry
about false information."
I know you meant no ill, Bill, but the wording of your email can do a great
deal of damage to people adminning MIPS-based systems who then put their
feet up and smoke a cigar instead of being paranoid. The content of your
message is, indeed, bullshit, and dangerous bullshit which needs to be
refuted quickly and strongly; I hope it's clear that I'm not attacking you
personally. :)
--
Rodolfo J. Paiz
[EMAIL PROTECTED]
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
