Black Hats Prefer Linux
Jon Lasser, 2001-11-28

Nine out of ten digital desperados choose a Unix flavor for their attack boxes. You don't have to wear a black hat to understand why.

Great Article! 2001-12-12
Peter

When insecure.org did a survey of their "top fifty" security tools, it turned out that fewer than ten of those tools run on Windows, with half of those being commercial products. Not one Windows tool made their top five.

Not everyone on Insecure.Org's mailing list is a black hat. Most of the people on this list can actually code and know plenty about IP.


The security of your own system would be paramount: after all, one who attacks other systems (and, more often than not, engages in feuds with other black hats) becomes an obvious target for attacks themselves. In order to protect yourself, you would need to be able to discover everything running on your system and have the ability to turn off every service you don't use. Flexible packet filtering would be a must, so as to block both probes and full-fledged attacks from other sites.

Most black hat ./hackers I have met barely know anything worthwhile about Unix, or for that fact Linux. This is changing because of the whole anti.sec movement. Black hat hackers are becoming more and more sophisticated as the years progress.


Ease of development would be crucial. After all, there are few off-the-shelf products that can actually penetrate remote systems. While there are commercial systems that scan for vulnerabilities, they are often slower to respond and more difficult to customize than their open-source competitors.

How very true. I found that Nessus is/was more configurable than the likes of Retina.


They also choose OpenBSD, FreeBSD, and other open source Unix flavors. Why? Because Unix provides the security, reliability, ease of development, and ease of automation required for monumental tasks managed by a minimum number of people.

The only mass amount of ./idiots I saw cracking FreeBSD machines was when the OpenSSH CRC exploit code was making rounds on IRC. The attackers probably didn't even use these FreeBSD machines as springboards.


It's not unusual for one script kiddie to control hundreds or thousands of denial of service zombies, and it's certainly not unusual for one script kiddie to crack thousands of systems with a single automated exploit.

Or is it?
http://defaced.alldas.de/?attacker=Silver+Lords
http://defaced.alldas.de/?attacker=woh


Why worry about what black hats use? Because if black hat hackers use a tool, it's likely to be flexible, robust, extensible, and secure. And you don't have to be bad to want good tools.

More and more tools are staying private anymore. I don't like this personally, but I do this myself either because I am too lazy to release it or it's not out of the development stages.

I think this article has some truth to it, but parts of it are far away from the truth. I think this is a good subject to discuss.

Great article!

Link to this comment: http://www.securityfocus.com/comments/columns/42/9254#9254
Copyright 2009, SecurityFocus