Windows vs. Linux
- Thread starter lhuser
- Start date
Quinton McLeod
In Runtime
- Messages
- 299
RewtGuy said:Linux has executables. Hell you can even rename your executable .exe and run it. Don't believe me?
rewtguy@linsensi ~ $ echo -e '#!/bin/bash \n echo "Linux Executable"' > bleh.exe && chmod +x bleh.exe && ./bleh.exe
Linux Executable
/me loves how people feel they "MUST" defend their OS of choice
Maybe I should get a bucket of popcorn and watch everyone fight it out...
Well said.
Firsr of all, you had to make the file executable. Linux does have executable files, but in order for them to execute, they have to be made executable. You were able to make it executable with chmod +x... However, once the file is executable, it wouldn't automatically have root access to the machine. If it does do damage, it'll only be on that account.
JustinMcG67
BSOD
- Messages
- 2,519
I prefer Linux over Windows any day. I'm new to Linux, but from what i can tell I'm not getting anywhere near the amount of spyware, viruses, adware, or any file that practically targets your PC to harm it. Linux is also a lot more stable from what I can tell. I used to be getting error after error when trying to establish a network through Windows, but when I tried establishing a network with Linux, Fedora Core 4 might I add, it worked flawlessly the first time!
Before that I had to spend on average, at least 2 hours trying to set up the network. Window's to me is used for peopel who don't know a lot about computers, which is why they have so many built in functions to help peopel with disabilites; such as hearing, sight, and typing. Linux is more targeted for peopel who might know a thing or two about PCs. The most difficult thing to learn in Linux is the Terminal and how to properly use it. Even then, there's about a million fourms out there that contain so much information on how to use it it's crazy!
The fact that Fedora Core 4 on there is just weird. It's one of the best Linux distros out there.
Before that I had to spend on average, at least 2 hours trying to set up the network. Window's to me is used for peopel who don't know a lot about computers, which is why they have so many built in functions to help peopel with disabilites; such as hearing, sight, and typing. Linux is more targeted for peopel who might know a thing or two about PCs. The most difficult thing to learn in Linux is the Terminal and how to properly use it. Even then, there's about a million fourms out there that contain so much information on how to use it it's crazy!
The fact that Fedora Core 4 on there is just weird. It's one of the best Linux distros out there.
Umm wrong. Chmod changes PERMISSIONS. Has nothing to do with making it executable. It gave EVERYONE permission to execute it. if I wanted to skip chmod, I could su to root and run it without having to change permissions...
rewtguy@linsensi ~ $ su
Password:
linsensi rewtguy # echo -e '#!/bin/bash \n echo "Linux Executable"' > bleh.exe && ./bleh.exe
Linux Executable
Files have to be made executable huh? Same thing for Windows. What do you think a "COMPILER" is for.
Also. Just cause a script doesn't run under root doesn't mean the system can't be compromised. You don't need root privileges for every attack.
Try and learn something before you speak next time. You're saying completely untrue things . How can you educate us about the topic when you're uneducated yourself?
Quinton McLeod
In Runtime
- Messages
- 299
RewtGuy said:Umm wrong. Chmod changes PERMISSIONS. Has nothing to do with making it executable. It gave EVERYONE permission to execute it. if I wanted to skip chmod, I could su to root and run it without having to change permissions...
rewtguy@linsensi ~ $ su
Password:
linsensi rewtguy # echo -e '#!/bin/bash \n echo "Linux Executable"' > bleh.exe && ./bleh.exe
Linux Executable
Files have to be made executable huh? Same thing for Windows. What do you think a "COMPILER" is for.
You're honestly an idiot.
Why even show pics if you're not even running a program?
For one thing, you're doing an echo. All echo does is repeat what you type there. In this sense, you're building a script via echo, but you automatically assume possession of that file the moment you make it through root.
Also, programs have to be made executable by changing the executable permission on a file. This is obvious. However, if it's not executable first through permissions, it won't run. Linux makes all files that you download non executable by default.
Also, even if you ran a program as root, you still have to set the file to execute. Here is an example
777
Assuming that root owns the file; the first 7 is specially for root. If this is 7, then the super user can do whatever he wants.
477
Now, the file is not executable... Even to root. This is because 4 stands for "read only". The file can be opened through a 3rd party program, but it cannot be executed.
True, but it makes compromising the system that much harder because the program's abilities are limited by the powers of the current user. This makes an unstable environment for a virus or a total system compromise
Why don't you quit flaunting your knowledge of Linux while confusing other people. Confusing other people is never going to make your side of the argument right; because you're dead wrong.
Sorry if you took offence to my previous post. I didn't mean for this to turn out into a flame war.
Yes you're completely right about changing permissions. Although it doesn't "make" the file executable or not. It just allows you to execute it.
Sort of like this, you ask your parents for your car keys. They say no. This doesn't change your ability to drive the car. Just don't have permission to. While a program may be able to be executed (script or program). It just doesn't have permission to.
chmod changes the permissions of each given file according to mode
Stright from man pages.
Yes you're completely right about changing permissions. Although it doesn't "make" the file executable or not. It just allows you to execute it.
Sort of like this, you ask your parents for your car keys. They say no. This doesn't change your ability to drive the car. Just don't have permission to. While a program may be able to be executed (script or program). It just doesn't have permission to.
chmod changes the permissions of each given file according to mode
Stright from man pages.
A script still executes. If you really wanted I can redo them in c/c++.
I used echo so people would know what script consist of.
Just cause a script / program is limited to an account doesn't limit its damage to that user. The difficulty is dependant on four variables, skill of admin securing it, time / effort, skill of attacker, and persistance / determination. For example you could, without root privilages, write something that could listen to input devices (key logger) or get a long string from urandom and be able to predict characters making urandom based things unsecure. Unlikely, but possible.
If anybody finds anything I'm saying cryptic or confusing please take the liberty of messaging me, with a link / quote and I'll be more than happy to help you understand to the best of my ability.
I disagree.
Quinton McLeod
In Runtime
- Messages
- 299
RewtGuy said:
You're not being flamed :/
Lets be honest with ourselves. Exe Window files are not the same as script files. Even though you can execute a script, you can read the source code provided. An executable file is precompiled, while your example was not compiled. It was interpreted.
I also wasn't debating the fact on whether chmod changed permissions or not. I understand that it controls permissions of a file and not the properties of the file (whether the file is an executable binary file or a ascii text file). When it comes to executing binary files, you have to first give it permission. This applies to binary, as any binary file you download into Linux via the Internet does not have permission to execute.
That is precisely correct! It "depends" on certain circumstances. Compared to Windows, circumstance to allow a virus to wreak havoc is always in favor of the virus/attacker. With Linux, the case may not be visible; as these circumstance are completely random and unpredictable.
You could put up a keylogger in Linux. This is true... But hiding the logs from the root would be nearly impossible. Putting a keylogger in Linux and making the keylogger consistent is hard.
For example: Lets say you wanted to put a keylogger on someone's Linux machine. You can't make the keylogger run each time the computer restarts because you cannot add the program to the start.rc or inet.rc without triggering a log that you don't have permission to modify. You also can't have the keylogger access the internet to send off the keylogging data without triggering a log. Setting up a keylogging program would need for you to return back to the computer to receive the data and if the admin were to detect an odd program loaded in memory and examine it (most likely it'll be a script), then you're screwed.
Windows on the other hand is so easy to install a keylogger. You can make programs that hide from Windows itself (you can in Linux too, but it's much harder due to the fact that Linux's environment is very hostile to foreign programs that hide from the file system). Programs in windows can completely mask itself, even from the admin! And not only that, but the program immediately will have root access to everything.
OK..
Console access is alvays on a tty device, you can easily scan these to detect programs. just as you can easily scan the keyboard buffer in windows...
windows 0 /1
Linux 0/1
On windows you can instal a keylogger, the system asks no questions abauot programs being installed.
On linux you can install a program, the syste asks no questions about programs being installed, (installed mening coppide to a location on the harddrive
windosw 0 /2
Linux 0/2
On windows (assuming you are using an administrative account) you can execute anything that is excecutable.
On Linux (assuming you are using an adminstrative account) you can execute anything that is executable.
Windows 0/3
Linux 0/3
Windows can be set up to log internet traffic
Linux can be set up to log internet traffic
windows 1/4
Linux 1/4
On windows programs can be called something seemingly important to try to avoid detection, windows makes no checks that a program called llsas.exe is actually the same system file that it needs.
On Linux programs can be called something seemingly important to try to avoid detection, Linux makes no checks that a program called apache/vi/tty1 is actually the same file that it would normally be running.
windows 1/5
linux 1/5
So there we have the five main things that a keylogger would do.
Assuming both systems are setup and used the same
they both failed abismally...
the only point they each scorred was that they *could* be set up to log internet access.
Of course could doesn't necessarily mean does... and doesn't even make sure that you are checking yuor logs for nithernet access either...
There is however some saving grace in that both wnidows and (most distos of linux) have built in firewalls...
the only difference there benig that the windosw firewall will actually warn you of an unidentified process trying to accesss the internet...
All in all both systems are much the same from the point of view of securty, they both suffer from the exact same weaknesses when they are setup and usde in the same way...
There was a link I posted some time ago to a security report about how an executable could be executed with root privellages when logged as a normal user...
now was that the fault of linux, of the fault of thunderbird for wrongly procesing mail attachments?
System instability is (overall) more the fault of programs running on the system rather than the system...
for all you who A, have a c compiler...
and B, want to see the point prooved
first lok at this...
works fine... allocates a memory space, reads and writes within that memory space...
now see this...
On windows XP, this should cause an error and cause the program to ext, OS will be fine...
Windows 98 this will blue screen,
will crash (ie BSOD equiv on early Mac versions, and I've not seen the results on Linux...
but believe me, if it doesn't crash, (either the program or the system, then the implications are much worse)...
Console access is alvays on a tty device, you can easily scan these to detect programs. just as you can easily scan the keyboard buffer in windows...
windows 0 /1
Linux 0/1
On windows you can instal a keylogger, the system asks no questions abauot programs being installed.
On linux you can install a program, the syste asks no questions about programs being installed, (installed mening coppide to a location on the harddrive
windosw 0 /2
Linux 0/2
On windows (assuming you are using an administrative account) you can execute anything that is excecutable.
On Linux (assuming you are using an adminstrative account) you can execute anything that is executable.
Windows 0/3
Linux 0/3
Windows can be set up to log internet traffic
Linux can be set up to log internet traffic
windows 1/4
Linux 1/4
On windows programs can be called something seemingly important to try to avoid detection, windows makes no checks that a program called llsas.exe is actually the same system file that it needs.
On Linux programs can be called something seemingly important to try to avoid detection, Linux makes no checks that a program called apache/vi/tty1 is actually the same file that it would normally be running.
windows 1/5
linux 1/5
So there we have the five main things that a keylogger would do.
Assuming both systems are setup and used the same
they both failed abismally...
the only point they each scorred was that they *could* be set up to log internet access.
Of course could doesn't necessarily mean does... and doesn't even make sure that you are checking yuor logs for nithernet access either...
There is however some saving grace in that both wnidows and (most distos of linux) have built in firewalls...
the only difference there benig that the windosw firewall will actually warn you of an unidentified process trying to accesss the internet...
All in all both systems are much the same from the point of view of securty, they both suffer from the exact same weaknesses when they are setup and usde in the same way...
There was a link I posted some time ago to a security report about how an executable could be executed with root privellages when logged as a normal user...
now was that the fault of linux, of the fault of thunderbird for wrongly procesing mail attachments?
System instability is (overall) more the fault of programs running on the system rather than the system...
for all you who A, have a c compiler...
and B, want to see the point prooved
first lok at this...
Code:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
void main()
{
int x, from, to, page;
unsigned char *space;
space = (char *)malloc(0x10000);
if(space==NULL)
{
printf("\n\n\rCannot allocate memory, please try again later\n\n\r");
exit(1);
}
printf("writing Memory\n\n\r");
printf("writting to memory location.\n\r");
for (x=0;x<=65535;x++)
{
*(space+x)=x;
printf("%d\r",x);
}
printf("Reading Memory\n\n\r");
from = 0;
to = 65535;
printf("\n\n\rAddress\tHex\t\t\t\t\tAscii\n\r");
for (x=from;x<=to;)
{/*print the start of the line, to and from line adresses and hex information*/
page=page+1;
printf("%5ld\t",x);
for (z=0;z<=11;z++)
{
if ((z+x>to)||(z+x>65535)) /*check if address is outside of allocated memory range*/
{
printf(" _ "); /*if it is outside of range print _*/
}
else
{
printf("%2x ",*(space+x+z));
}
}
printf("\t");
for (y=0;y<=11;y++)
{
if (y+x>to) /*check if address is outside of allocated memory range*/
{
printf("_ "); /*if it is outside of range print _*/
}
else
{
if ((*(space+y+x)<127)&&(*(space+y+x)>33)) /*check if charector is printable*/
{
printf("%c ",*(space+x+y));
}
if ((*(space+y+x)>127)||(*(space+y+x)<33))
{
printf("* "); /*if charector is not printable then print star */
}
}
}
printf("\n\r");
x=x+12;
if (page==20)
{
printf("press C to continue or X to exit");
scanf("\n%c",&choice);
fflush(stdin);/*fluses out multiple entries*/
choice[0] = toupper(choice[0]);
if (choice[0]=='X')
{
exit(1);
}
page=0;
printf("\n\n\rAddress\tHex\t\t\t\t\tAscii\n\r");
}
}
}now see this...
Code:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
void main()
{
int x, from, to, page;
unsigned char *space;
space = (char *)malloc(0x10000);
if(space==NULL)
{
printf("\n\n\rCannot allocate memory, please try again later\n\n\r");
exit(1);
}
printf("writing Memory\n\n\r");
printf("writting to memory location.\n\r");
for (x=0;x<=65535;x++)
{
*(space+x)=x;
printf("%d\r",x);
}
printf("Reading Memory\n\n\r");
from = 0;
to = 65545;
printf("\n\n\rAddress\tHex\t\t\t\t\tAscii\n\r");
for (x=from;x<=to;)
{/*print the start of the line, to and from line adresses and hex information*/
page=page+1;
printf("%5ld\t",x);
for (z=0;z<=11;z++)
{
printf("%2x ",*(space+x+z));
}
printf("\t");
for (y=0;y<=11;y++)
{
if ((*(space+y+x)<127)&&(*(space+y+x)>33)) /*check if charector is printable*/
{
printf("%c ",*(space+x+y));
}
if ((*(space+y+x)>127)||(*(space+y+x)<33))
{
printf("* "); /*if charector is not printable then print star */
}
}
printf("\n\r");
x=x+12;
if (page==20)
{
printf("press C to continue or X to exit");
scanf("\n%c",&choice);
fflush(stdin);/*fluses out multiple entries*/
choice[0] = toupper(choice[0]);
if (choice[0]=='X')
{
exit(1);
}
page=0;
printf("\n\n\rAddress\tHex\t\t\t\t\tAscii\n\r");
}
}
}On windows XP, this should cause an error and cause the program to ext, OS will be fine...
Windows 98 this will blue screen,
will crash (ie BSOD equiv on early Mac versions, and I've not seen the results on Linux...
but believe me, if it doesn't crash, (either the program or the system, then the implications are much worse)...
SLIPKNOTN21
BSOD
- Messages
- 280
I use windows but im currently downloading knoppix to give it a try
Similar threads
