Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

Linux very secure against viruses?

#7
(April 27th, 2020 at 11:37 PM)SpookyZalost Wrote: the majority of exploits, security flaws, etc with new releases are found very quickly and patched by dedicated users.  I'm sure Lain knows what I'm talking about.

Only for the base kernel, GNUtils, standard binaries/libraries, and SOMETIMES other system/root level daemons tbh.

Reminder that systemd has hardly been updated at all over the last two or three years, and we still find vulnerabilities that have been around forever and seem extremely trivial to either spot in the codebase or to exploit as an attacker. 

Never anything insanely hard to spot like some kind of writeable+executable memory segment that could be used for shellcode but you'll only find by analyzing every single thread and pointer. We're talking stuff like infinite loops with while(){continue;}, buffer overflows/mem corruption because they don't check whether it's dhcpv6 or dhcpv4, honestly really trivial stuff that can be found with any simple fuzzing framework in a couple hours, if you're lazy, but aren't really too difficult to spot or understand if you already have some experience with exploit dev.

So yeah, most of the barebones GNU/Linux  system (incl. GNUtils) gets patched pretty quickly or vulns never even make it to the RC/testing branches, and if they do, it's usually some really f*** bytecode/architecture-specific problem. I mean, when we were hearing about Spectre/Meltdown, there were a TON of Linux vulns also popping up that had similar behaviour even though they didn't actually follow any of the actual Intel/x86_64 related vulnerability whitepapers. And while ARM branches also got f*** by those bugs (i.e. not x86 specific like Spec/Melt) you could also note that RISC-V builds were entirely unaffected by all of them.

So yeah. Linux security might be better in that regard, but we're talking targeted attacks. I mean, most of the 'vulnerabilities' that get caught in typically root-level services are DoS at most. You could possibly escalate them to RCE if you have some shellcode to write outside the buffers, but then you also need to rely on the segment you're writing to to actually be executable, and ASLR mitigates that risk quite a bit, or at least forces the attacker to also write a NOP-sled in hopes that the shellcode can get to an executable location before the whole thing segfaults and you get a normal crash.

In other words, it's much more unlikely to find malware that exploits something low-level like that. 95% of the time, it's just some kid who found a cracked copy of NanoCore and is throwing download links to his payload at every single person he can online.
Reply


Messages In This Thread
Linux very secure against viruses? - by tc4me - April 27th, 2020 at 7:31 AM
RE: Linux very secure against viruses? - by s3_gunzel - April 27th, 2020 at 8:49 AM
RE: Linux very secure against viruses? - by tc4me - April 27th, 2020 at 8:55 AM
RE: Linux very secure against viruses? - by s3_gunzel - April 27th, 2020 at 9:55 PM
RE: Linux very secure against viruses? - by Lain - April 27th, 2020 at 10:05 PM
RE: Linux very secure against viruses? - by SpookyZalost - April 27th, 2020 at 11:37 PM
RE: Linux very secure against viruses? - by Lain - April 28th, 2020 at 12:08 AM
RE: Linux very secure against viruses? - by SpookyZalost - April 28th, 2020 at 12:36 AM
RE: Linux very secure against viruses? - by MeowsePad - May 3rd, 2020 at 7:35 PM
RE: Linux very secure against viruses? - by Divya165 - November 3rd, 2020 at 10:04 AM
RE: Linux very secure against viruses? - by s3_gunzel - November 5th, 2020 at 1:52 AM
RE: Linux very secure against viruses? - by SpookyZalost - November 5th, 2020 at 2:09 AM
RE: Linux very secure against viruses? - by s3_gunzel - November 5th, 2020 at 2:38 AM
RE: Linux very secure against viruses? - by SpookyZalost - November 6th, 2020 at 7:47 PM
RE: Linux very secure against viruses? - by Thomas - December 30th, 2020 at 6:46 PM
RE: Linux very secure against viruses? - by SpookyZalost - December 30th, 2020 at 9:33 PM



Users browsing this thread: 2 Guest(s)

Dark/Light Theme Selector

Contact Us | Makestation | Return to Top | Lite (Archive) Mode | RSS Syndication 
Proudly powered by MyBB 1.8, © 2002-2024
Forum design by Makestation Team © 2013-2024