- It's the applications, stupid
- Will a whitelist save personal computing?
- Thousands of Web sites under attack
- To solve the unsolvable problem
- Re-thinking the security of virtual machines
- Security Development Lifecycle trumps code complexity
- Is your Web site FIPS compliant?
- Computer security: Why have least privilege?
- Strategic security: Get a handle on authentication
- Control user installs of software
March 06, 2006 | Comments: (0)
Mac Hacked in less than 30 minutes
Any OS is hackable
http://www.zdnet.com.au/news/security/soa/Mac_OS_X_hacked_in_less_than_30_minutes/0,2000061744,39241748,00.htm
Yes, I know this article or contest doesn't really prove anything. This doesn't mean I'm believe that Macs are more insecure than Windows. Quite the contrary. I'm pointing out that Macs have many exploits yet to be discovered and aren't mysteriously MORE SECURE than Windows. Whatever is popular will be hacked. The more popular something is the more hacked it will be. Some OSs might be more secure than another, but we've yet to come across a popular OS (except maybe some of the high security BSD flavors) that wasn't a ripe target for hackers.
Posted by Roger Grimes on March 6, 2006 02:39 AM
RATE THIS ARTICLE:
-
- COMMENTS
I thought those things were unbreakable??
Dshield Posting of Another Successful Mac OS X attack:
------------------
Greetings,
We got a new phishing email this morning (so, what else is new?) that resulted in my learning of a new attack (well, at least new to me) against ssh.
When I contacted the system's netblock owner, they indicated that the compromised box was a MacOS/X system and they had already shut down the box. I got to talking to their security person and he indicated that the box was compromised via a brute force ssh attack. Apparently, there are botnets that do distributed brute force ssh attacks, hitting on all possible combinations of password characters up through 14 character lengths.
Anyone else heard of and/or been a victim of this attack? If so, would you be willing to share the details and new countermeasures implemented?
So, I guess it is time to change all of our ssh passwords to 15 or 16 chars!
Or, I seem to remember that MD5 hashed *nix passwords can be up to 128 chars... so maybe our passwords should now become paragraphs?
I guess what is really needed is some PAM-based authentication failure account lockout schema. I don't see any modules to this in default FC/4 or Solaris 9/10 distros. Anyone know if this can be done and/or how to do it?
---------------------------
What this shows is that we all have common problems.
Posted by: Roger A. Grimes at March 6, 2006 06:05 PM
