Re: The long tail of vulnerable operating systems

[Darryl Luff <darryl () snakegully nu>]

-----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > So every CTF I've played recently (like the one at CSI last week) has a
> > target set of Windows 2000 and extremely old Linux (say, RedHat 8). I'm
> > pretty sure that on any modern network you don't find a whole lot of
> > either of these. There's always the people who still run NT4 and SCO
> > OpenServer, but you have to look pretty far for them. But yet, no real
> > remote exploits exist for Fedora Core 1, much less 7. Solaris has XFS
> > and a few other remotes, but no one runs Solaris any more except the US
> > Government, that I can tell. Even assuming you see some Solaris or AIX
> > or whatever, you end up being so deep in the network already to find it
> > that you've already got all the passwords and don't need exploits.
> >
> > But old operating systems will continue to live forever in CTF, I assume.
> >
> >     
I know at least three machines that were until the last year or so 
running Win95 or 98. And they seemed to be spotless. No sign of browser 
redirectors or other annoyances, and they'd been used on the Internet 
for years, though admittedly only on dialup.

One was replaced a year or so ago with an XP machine that was within a 
couple of weeks infested with malware. The other two were eventually 
shut down still 'clean' as far as I know.

On the Linux side I know of a RedHat 6.3 machine which until about 6 
months ago was a primary DNS server, running the standard RedHat 
distributed bind and permanently online. It was shutdown 'clean' too as 
far as I could tell.

The moral I guess is if you're going to use old OS's, use REALLY old 
ones. If someone really wants to get you they will, but the mass market 
infectors will probably pass you by. Where did I put that stack of OS/2 
floppies?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave