On Tue, 4 May 2004, chuck goolsbee wrote:
So maybe they WOULD be better with a "WebTV" model.
Or a Macintosh.
or a cheap Lidel or WalMart PC with Fedora 1 on it. Epiphany, Evolution and OpenOffice would keep vast majority of the basic computer users happy. Distributions like Fedora[0] are pretty much invulnerable to mass, automated worm infections[1]. Automated worms would literally be a thing of the past if everyone switched to Fedora, RHEL or if the current dominant OS vendor adopted similar measures (apparently they will be). Judging by the amount of packets (couple per s) I get in to common vulnerability ports, there are a lot of worm infected machines out there: # iptables -L scans -v | awk 'BEGIN { printf ("\n%5s %6s %4s %20s\n", "pkts", "bytes", "prot", "dest port"); } NR > 2 && $1 ~ /^[0-9]/ { sub (/^dpt:/, "", $11); pkts += $1; bytes += $2; printf ("%5d %6d %4s %20s\n", $1, $2, $4, $11);} END { printf ("----- ------\n%5d %6d\n", pkts, bytes);}' pkts bytes prot dest port 1721 82856 tcp microsoft-ds 874 42008 tcp 135 455 21944 tcp netbios-ssn 322 15456 tcp 3127 36 1788 tcp ms-sql-s 661 31776 tcp 2745 309 14832 tcp 6129 82 3960 tcp swat 427 20556 tcp 1025 263 20514 udp netbios-ns 36 14544 udp ms-sql-m ----- ------ 5186 270234 that's maybe an hours worth or less of counting too. And what uses TCP ports 1327 and 2745? 0. http://people.redhat.com/drepper/nonselsec.pdf[2] 1. Though not to trojans which attack human vulnerabilities obviously, or non buffer overflow attacks, eg scripting language vulnerabilities, though these are rare. 2. Obviously, the 2 main mechanisms described in the paper originate elsewhere in concept, but Fedora is probably the first OS of sufficient use to a basic computer user to put it all together. regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A warning: do not ever send email to spam@dishone.st Fortune: QOTD: Money isn't everything, but at least it keeps the kids in touch.