Re: [Nolug] Radius & Tacacs+

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Thu, 15 Jan 2009 11:11:28 -0600
Message-ID: <496F6E40.4050304@puryear-it.com>

I'm still confused. Are you arguing that Windows desktops are insecure?
If so, I generally agree. However, I don't get what adware has to do
with AD.

Ron Johnson wrote:
>
> Did you read the article? The section "Can you tell me more about your
> strategies for persistence?" shows that no matter what MSFT does, it
> will always be a big security nightmare.
>
> We then made a bootstrapper, which was a tiny tiny piece of code
> written in Assembler which would decrypt the executable in
> memory, and then just run it. At the same time, we also made a
> virtual process executable. I’ve never heard of anybody else
> doing this before. Windows has this thing called Create Remote
> Thread. Basically, the semantics of Create Remote Thread are:
> You’re a process, I’m a different process. I call you and say
> “Hey! I have this bit of code. I’d really like it if you’d run
> this.” You’d say, “Sure,” because you’re a Windows process–
> you’re all hippie-like and free love. Windows processes, by the
> way, are insanely promiscuous. So! We would call a bunch of
> processes, hand them all a gob of code, and they would all run
> it. Each process would all know about two of the other ones.
> This allowed them to set up a ring … mutual support, right?
>
>
> On 01/15/09 10:24, Dustin Puryear wrote:
>> I'm not sure what adware has to do with AD? That's like not running
>> OpenLDAP because of the Morris worm.
>>
>> I would be interested in hearing Shannon's reasons why AD is bad. I'm
>> always interested in hearing the pros and cons of various directory
>> products.
>>
>> Ron Johnson wrote:
>>> On 01/15/09 10:04, Shannon Roddy wrote:
>>>> On Thu, Jan 15, 2009 at 9:45 AM, Dustin Puryear
>>>> <dustin@puryear-it.com>wrote:
>>>>
>>>>> Normally, if a shop is just anti-AD, then I may see something like:
>>>>>
>>>>>
>>>> There are more reasons not to use AD than just being anti-AD.
>>>>
>>> Being pro-security?
>>>
>>> (This, while focused on the desktop, is a pretty damning of Windows.)
>>>
>>> http://philosecurity.org/2009/01/12/interview-with-an-adware-author
>>>
>>> S: In your professional opinion, how can people avoid adware?
>>>
>>> M: Um, run UNIX.
>>>
>>
>
>

-- 
Dustin Puryear
President and Sr. Consultant
Puryear Information Technology, LLC
225-706-8414 x112
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
  http://www.puryear-it.com/pubs/linux-unix-best-practices/
___________________
Nolug mailing list
nolug@nolug.org
Received on 01/15/09

This archive was generated by hypermail 2.2.0 : 02/17/09 EST