Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

dailydave logo Dailydave mailing list archives

Re: The long tail of vulnerable operating systems
From: Darryl Luff <darryl () snakegully nu>
Date: Wed, 14 Nov 2007 21:25:16 +1100
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

So every CTF I've played recently (like the one at CSI last week) has a
target set of Windows 2000 and extremely old Linux (say, RedHat 8). I'm
pretty sure that on any modern network you don't find a whole lot of
either of these. There's always the people who still run NT4 and SCO
OpenServer, but you have to look pretty far for them. But yet, no real
remote exploits exist for Fedora Core 1, much less 7. Solaris has XFS
and a few other remotes, but no one runs Solaris any more except the US
Government, that I can tell. Even assuming you see some Solaris or AIX
or whatever, you end up being so deep in the network already to find it
that you've already got all the passwords and don't need exploits.

But old operating systems will continue to live forever in CTF, I assume.

    

I know at least three machines that were until the last year or so 
running Win95 or 98. And they seemed to be spotless. No sign of browser 
redirectors or other annoyances, and they'd been used on the Internet 
for years, though admittedly only on dialup.

One was replaced a year or so ago with an XP machine that was within a 
couple of weeks infested with malware. The other two were eventually 
shut down still 'clean' as far as I know.

On the Linux side I know of a RedHat 6.3 machine which until about 6 
months ago was a primary DNS server, running the standard RedHat 
distributed bind and permanently online. It was shutdown 'clean' too as 
far as I could tell.

The moral I guess is if you're going to use old OS's, use REALLY old 
ones. If someone really wants to get you they will, but the mass market 
infectors will probably pass you by. Where did I put that stack of OS/2 
floppies?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]