OSNews:

This isnt the first time Google has been used for this..

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 19:26:00 GMT

http://www.webuser.co.uk/news/56950.html

Worm attack makes Google squirm
July 27, 2004
Web User

Creative?

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 19:30:00 GMT

Yet, the Santy worm sported a relatively new "feature": it was using the Google search engine in order to automatically find its next victims; as far as I know, this might well be the first time such a creative use of search engines has been adopted by a worm spotted in the wild.

Is using a search engine to.. search really a creative usage of a search engine :-)

Solution...

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 19:55:00 GMT

The solution against Santy...

mod_security
http://www.hup.hu/modules.php?name=News&file=article&sid=76...

yeah

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:06:00 GMT

We battled the phpBB exploits for 8 hours.
cPanel did not release a new version of PHP for us in time to dodge the attacks. We defeated everything though.
Right now I would urge everyone to upgrade PHP before your machines are compromised.

RE: Solution...

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:10:00 GMT

mod_security can cause some huge headaches to server admins. It comes packaged with some server administration software that makes it easier to manage though.

I get plenty of customers that bug me about turning off safemode but I always direct them to get a virtual or dedicated server or to use a different service. So yeah, php safemode should be on.. you can turn it off in httpd.conf per site if you wish.

RE: Solution

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:36:00 GMT

mod_security is greet tool against malicious GET and POST requests. works fine for me.

you need only custom rule for Santy

Check this:
http://www.modsecurity.org/blog/archives/000046.html

Re: Solution..

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:38:00 GMT

..don't use php. I mean, a bug in the *addslashes()* function wich is there exactly to avoid security problems?
In the tenth stable version of a software?
Anyway, IIUC Santy.B uses AOL and MSN

My server was hit with this

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:39:00 GMT

Its terrible, it overwrote all html and php files on my drive... very, very nasty. I'd gladly form a lynch mob with a few others and find this guy that wrote it. :-D

Safemode

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:42:00 GMT

No, you put safemode on or off, besides relared configuration, in PHP's configuration file; e.g. /etc/php4/apache/php.ini -- i applaud your efforts regarding of putting and keeping it on though. One could even put it off for specific directories IIRC, but i'm not sure on that.

As for this worm, its not that revolutionary. OpenSSH, BIND, Apache, Sendmail have all been targetted in the past. The fact its a Perl worm is quite unique afaik. The fact its something which customers who host their site and/or forum elsewhere are targetted instead of a system-wide daemon is quite interesting though. Interesting in that sense, that its interesting to see how people are gonna solve this.

RE: Solution

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:44:00 GMT

"..don't use php."

FYI: osnews.com uses PHP. aproximatelly 60% of web pages uses PHP.

RE: My server was hit with this

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:48:00 GMT

Now you know how windows users feel... Imagine worms and other similar problems bi-weekly.

RE: Solution

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 20:54:00 GMT

Your friends:

mod_security, noexec mount on /tmp, chmod 550 wget, rule for lwp trivial, and LWP::Simple HTTP_USER_AGENT, etc. and of course patch your phpBB installation:

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

Hmmmm....

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 21:46:00 GMT

....worms written using open source software...

What is the world coming to?

Use of perl notable....

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 21:55:00 GMT

Hackers so far have not used perl, but it is as capable as ANY program/exploit written in C. Perl can do bitwise manipulations, and can call any kernel function. Perl scripts can also be run off file systems with the noexec bit set.... Perl is installed on lots of Linux boxes, as it is required to do package management (Debian for example - perl-base package, can't remove?)

RE: Solution

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 22:38:00 GMT

"aproximatelly 60% of web pages uses PHP. "=

What is that based on?

Damn.

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 22:55:00 GMT

I can respect the engineering behind the worm, but honestly I believe that all these little pukes who write worms, viri, etc. should be forced to pay outrageously huge fines, like say starting in the area of $50,000 per instance of the worm, and then they should spend some time in jail.

RE: harper (IP: ---.port.east.verizon.net)

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 23:13:00 GMT

Welcome to evolution. Besides this is a social problem. Solve that and it will go away (at best background noise).

RE: My server was hit with this

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 23:23:00 GMT

BACKUP BACKUP BACKUP

It shouldn't matter much if your files were overwritten, you should have a backup of them readily accessable. If anything this worm taught some smaller operators to start backing up. In most cases the only downtime would be to rebuild the directory. I know we used to have hot spares of important servers for a situation like this, they were not on the network so a worm or virus couldn't get to them. If something hits and takes down the server, implement a quick patch, and get the hot spare up and running.

Best of luck on your repairs.

Santy source

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 23:43:00 GMT

You can see the source here (and many other places):

http://vdb.dragonsoft.com/exploit/Santy.A.html

It's only about 200 lines long. I wish they would indent properly!

Heh

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 23:44:00 GMT

Funnily enough, when I pasted it in to an editor and saved it so I could put in proper indentation, Kaspersky comes up with an alert!

RE: My server was hit with this

donotreply@osnews.com (Anonymous) — Tue, 28 Dec 2004 23:50:00 GMT

Hi there

I agree with he back up server idear where the users
feel a slow down wile the main server is patched or being
repaired (the second should not realy happen often)

The problem is money, even though companies have a big enough budget they oftern don't want to take the safe path
as the manager who signs it off can't see a quick return.

It good to see that the VXers are doing something new to keep
IT departments on their tose.

Worms - not just for Windows anymore :)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 00:51:00 GMT

And they swore that worms like this couldn't spread on a Unix system - HA!! Like I always said, where there's a will, there's a way.

Re: Worms - not just for Windows anymore :)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 01:04:00 GMT

"And they swore that worms like this couldn't spread on a Unix system"

Who swore that? And what made you believe so-called worms were ever Windows-only in the first place? The first worm ever was in 1989, for Sendmail (before NT). You know Sendmail?

What happened to all those 'eyes' on 'Open Source'

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 02:26:00 GMT

I was under the impression that 'Open Source' could never suffer such a tremendous attack of this nature. With all the source code available this could never happen.

This is just the beginning since they found out that it is possible to drop it to its knees, it is going to be all out rampage.

I also find it amazing, NO one is even bashing them, saying their code is cobbled up like they bash Microsoft.

Goes to show, Open Source has tons of holes, just now people are taking interest in having some fun with it.

So I guess when Open Source get infected, it is 'ok' since all of the eyes are on it.
Whatever, I will be laughing on the next outbreak, the unlimited possibilities with PERL scripts are amazing.

ha ha ha

RE: The Facts

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 02:30:00 GMT

Add up all the times worms like this have worked well against opensource...then add up all the times they have worked against windows. Until those numbers start to get even close to the same you can shut up.

@dpi

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 02:42:00 GMT

Who swore that? And what made you believe so-called worms were ever Windows-only in the first place? The first worm ever was in 1989, for Sendmail (before NT). You know Sendmail?

lol people are a trip. If the shit is only coming out on windows *nix people take a high and mighty attitude about how it "dosen't happen to them".

Then when it does happen they want bragging rights about it happening to them first!

This place is hilarious!

@RaVen

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 02:45:00 GMT

Add up all the times worms like this have worked well against opensource...

I've got better things to do - you go for it.

then add up all the times they have worked against windows.

Got better things to do and honestly don't give a shit.

Until those numbers start to get even close to the same you can shut up.

Why don't you go review some code so this shit never happens again mmm k ?

RE: MoronPeeCeeUSR

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:01:00 GMT

"Why don't you go review some code so this shit never happens again mmm k ?"

Actually...I do ..however this will always happen. Code will have holes and all of them won't be caught. What makes the difference is how many holes there are and how quickly they can/and are patched. I have no love for PHP, but this was patched quite quickly.

"Got better things to do and honestly don't give a shit."

Then don't post crap like that "The Facts" thing.

(assuming that was you)

Re: MoronPeeCeeUSR

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:05:00 GMT

This place is hilarious!

Hilarious? Have i ever said claimed there are no worms for *NIX or are you applying what (misinformed) individuals claimed here, then see them as part of some group, then apply the image you have of those who spreaded misinformation to a single individual you also see as part of that very group. That would be hilarious.

As for PHPBB, IMO you could have seen it coming, and i wouldn't run this software not advice one to run it, especially not with precautions. The bug was yet another one in software which has a history of security vulnerabilities due to programming errors, the bug was known for a while already, the bug was patched for a while already, while the software is widely in use. If you insist on using software which frequently has flaws you have to take precautions... some of which are outlined throughout this thread. Oh, and btw -- PHP or PHPBB != UNIX, and the bug and/or the precautions are in no way UNIX-specific. PHP and PHPBB are open source though.

A nice contribution of making this place a tad more hilarious. Thanks, post another one, but i'm not gonna take it seriously.

Don't use *nix

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:12:00 GMT

See *nix is so unsecure, better off using windows and IE

*Attention Nix is INSECURE*************************************

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:25:00 GMT

**********************************

Attention Linux is NOT secure and it has CRITICAL
SECURITY FLAWS IN ALL THE CODE.

ALL THE SO CALLED 'EYES' ARE A JOKE, A COSTLY
$$$$$$$$$$$$$ JOKE AT BEST.

DO NOT USE **NIX USE WINDOWS AT LEAST THEY FIX
THEIR CODE.

WARNING STAY AWAY FROM OPEN SOURCE.

YOU HAVE BEEN WARNED.

DON'T use **NIX

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:27:00 GMT

**********************************

ATTENTION ALL **NIX USERS STOP USING AT ONCE

USE WINDOWS AND IE IT IS MORE SECURE

**********************************

PHP IS VERY COSTLY $$$ AND SPREADS WORMS

Excuses, excuses and more excuses

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 03:52:00 GMT

Need I say more, the number of excuses given on
here is beyond funny.

The FACT is the websites were defaced and it was
something as simple as a PERL Script.

Another fact, perl scripts can run at free will
without ROOT permission. This whole LIE about
how secure a Linux (Distro) is a FARCE.

Just like you cannot remove PERL from Debian,
it gets better and better. I just love reading
the excuses, of how it trashed servers and
spread through Google, in which it runs on
Linux and it uses Apache.

One thing is for certain, Open Source apps are
more fun to watch squirm.

Don't forget to patch, oh I almost forgot I do
NOT use PHP.........

My server is secure, NO PHP.

A better solution

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 04:01:00 GMT

You guys have it all wrong. What we need to do is start public executions of hackers! After a 24 hour toture session(all televised live on tv), they need to brought before a firing squad and shot.

I wear the minute the first guy gets executed, all of this BS would stop. These little punks would scared out of there pants and never attempt to write in any scripts.

It is

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 04:17:00 GMT

Really hard to figure out what is the dumbest comment in this thread. On the one hand you have a bill gates sycophant spreading the fud. On the other hand you have fools who think that we should treat kids who dick around with computers harsher than we do rapists, murderers, robbers, and repeat violent criminals. It is a fscking computer! GTF over it! On the day your mother is raped and murdered while at the same time some dildo on the internet roots your server; who's blood are you going to be calling for? Gain a little perspective.

RE: DON'T use **NIX

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 04:20:00 GMT

@ The Facts

Let's see.
Your parents bought one of those $299 computers. It came with Windows XP Home preinstalled.
You figured you'd be the coolest kid in your gang if you installed Linux and showed all your friends how you run Linux.
So you tried installing Linux, wiped out your Windows partition, installation didn't go so well, and you ended up with a fscked system.
Not knowing what to do you went crying to your dad, who had to call a computer tech to reinstall Windows XP.
It cost your dad a nice pile of change, he got mad at you and you're not allowed to use the computer any more.
You have to post from the Public Library now.
You're bitter and want revenge now that your failed Linux adventure got you in so much trouble eh?

Heh

Wow

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 04:27:00 GMT

This is fun... not.

@ By Anonymous (IP: ---.bchsia.telus.net)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 04:36:00 GMT

No you have it all WRONG.

FACT: How many comments on here are about how
SECURE ALL open source apps are.

Lets see, 'worms do not affect Linux because you
have to be ROOT. WRONG answer, with scripts it
does the magic for you.

PHP is just one fine example the Open Source
numbskulls are setting them selves up for.

Remember what goes around comes around and it
is going to be FUN.

I can't wait, maybe we should start a fund,
since they do this for 'FREE'...........

It is open season on open source, I bet all
the 'Eyes' are starting to worry now.

Let the games begins, where is Google running
apache on Linux when you need it????

This is fun, very, very, very, very fun.

YES!

Re: dpi

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 05:01:00 GMT

"And they swore that worms like this couldn't spread on a Unix system"

Who swore that?

I've seen it in various places - it can't happen in *nix because the browser isn't embeded into the OS, files don't have execute privileges by default, email programs can't launch attachments directly, yada ... yada ... yada ....

And you know people are saying things like that, because we've all heard it before - not like I'm making the shit up myself.

Re: When Worms Get Literate

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 05:32:00 GMT

Found this over on NeoWin.com 5 minutes after reading about Santy.A here -

As we reported last week, Google had been used by the "Santy.A" worm to infect websites using vulnerable versions of phpBB. Google has since disallowed such search attempts by the worm, by simply not listing vulnerable sites in their search results.

Variants are now attempting to exploit search engines offered by Yahoo and AOL, targeting sites running versions of phpBB prior to version 2.0.11. Some variants of the worm damage sites using poorly coded php instances of include() and require(). AOL claims that they are no longer contributing to the spread of the worm, and Yahoo has declined all requests for comment.

Santy deletes content from effected php-based sites, and replaces it with information found within the worm itself. Luckily this worm is not communicable to computers who visit effected sites. Sites using older versions of phpBB should update immediately, and some sites utilizing php may have to be rewritten all together.

Site defacement was only part of the story

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 09:45:00 GMT

Actually, defacement of sites and overwriting files was only part of the story. For a few days this worm was installed on so many sites and Googling so hard that it was effectively running a mini-DOS attack on many popular phpBB forums. Even on sites with updated, "safe" versions of phpBB it racked up traffic volume astronomically, because each attempt would load a full page twice (I was getting around 3000 visits a day on a site that normally has around 100). It was possible to counter this with some .htaccess rewrites but many small forum operators probably didn't know how to do this.

One interesting question is, what was the motive of the worm author(s)? AFAIK so far it's just doing damage, without pursuing any traditional profit motives, such as installing a spambot or trawling for valuable data. I suppose it's most likely that it was just another emotionally challenged teenager with nothing better to do. However, specifically attacking an open-source, free software project does seem out of character, even for a black hat. Perhaps it was someone with a personal peeve against the phpBB crew...

try this (simple automated backup of your server)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 10:44:00 GMT

first i'd recommend you guys update your PHP to the latest and safest version, same goes for your phpBB boards and apache versions, anything that is out of date risks being exploited either by human hackers or automated worms/scripts such as Santy.

That said, losing your 'data' be it php or html files is surely not nice, so backup !!

heres a very simple way of backing up apache once a week into a nice tar.gz file which could come in handy one day

http://www.linux-noob.com/forums/index.php?showtopic=1181

cheers

anyweb

Duh

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 11:58:00 GMT

Well a lot of "hackers" use google for website vuln. scans to pick up websites that're running the proper verisons of what they need for the hack to work. Besides that fact though it is kinda cool to see software using Google. Now wouldn't it be a lot nicer if they used their power for good rather then evil?

Just a simple thought though.

article

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 12:26:00 GMT

thanks for this informative article. i wonder when the next worm will appear. for sure it will make use of random queries to avoid being blocked by google.

RE: dpi (IP: ---.ipv4.freeshell.bofx.net)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 13:48:00 GMT

" The bug was yet another one in software which has a history of security vulnerabilities due to programming errors... If you insist on using software which frequently has flaws you have to take precautions... PHP and PHPBB are open source though."

What a spectacular way to prove that Open Source does not guarantee better software.
One of the pillars of Open Source ideology falls and anyone could see how it falls by Googling for NeverEverNoSanity

"the bug was known for a while already, the bug was patched for a while already, while the software is widely in use"

If it were not about Open Source exposed bug, that statement of yours would look like taken word for word from Windows advocate explaining why W32.Blaster worm should not be used to blame Microsoft.

After all, the bug exploited by Blaster was known, the bug was patched, the workaround was available since day one of Win XP (enable firewall), users were warned by CNN and Office of Homeland Security, while the software (Windows) is widely in use.

Too bad, I can't recall you or any other anti-Microsoft activist giving Microsoft at least the credit you give to PHP and phpBB.

That's the example of double standard. Prove me wrong.

@ anyone who claims *NIX has no worms

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 14:02:00 GMT

I haven't heard ANYONE claim that *NIX has no worms and Windows is wide open to them. I have only heard the broad term 'virus' vulnerabilities. So, MoronPeeCeeUser, In my book, you haven't a leg to stand on in this. Now, if you wish to know the difference between a virus and a worm, here you go:

Worms exploit vulnerabilities in running programs (usually, but maybe not required to be, Internet-connected daemons) to transfer their payload to another system.

Viruses (Virii? Virus? what's the plural?) use primarily social engineering and the poor design of entire software systems (Windows as a whole, perhaps KDE, GNOME, MSOffice, whatever) to dump their payload and spread.

Examples of each:

Worm (finger example from way back when): Program queries the 'finger' daemon running on a remote machine, giving it just a little too much data (the payload), and exploiting a vulnerability, dumping the payload into the running process image. This causes the finger daemon to crash, and execute the payload.

Virus (Pick one, any one, how about the IloveYou): I don't exactly recall if this spread automatically, or only if you clicked on the message. But, it had the message "I Love You", from a known contact (from another's address book). When this dropped its payload, it used Outlook (express?) to scan the victim's address book, and email itself to everyone listed.

Now, do you understand the difference yet? This was a WORM, therefore, ANYTHING CONNECTED TO THE INTERNET is vulnerable, not just th4t w1nd0z3, lun1>< is vulnerable too (god I hate typing that, but did to make a point that you're shitting about nothing).

worm or virus

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 15:04:00 GMT

nobody cares about being it a worm or virus if it compromises your system / website. it was a vulnurability similar to windows blaster, and the oss folks should care about it. i guess gentoo machines that are auto-updates were not affected, but i'm not sure if phpbb is a package.

Viruses

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 15:08:00 GMT

"Viruses (Virii? Virus? what's the plural?)"

Viruses

Re: Worm or virus (@Evert)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 15:19:00 GMT

I never said they shouldn't care, just that MoronPeeCeeUser and friends shouldn't get their panties in a bunch over it. If you run the software, be alert of it, watch bugtraq, take steps to secure it, that's all there is too it. Don't bitch and moan about how one group appears hypocritical, or how the lightbulb just went on in your head saying that nothing is perfect (not directed to you specifically, just generally to anyone who reads this). Sure there are zealots who say 'yes, windows sucks, unix forever, blah blah blah' but they're idiots, and shouldn't be taken seriously. (My opinion: Windows has some fundamental design flaws, but people use it, so it exists. I just avoid it wherever I can, as I feel *NIX systems are designed better, at least the ones I use are).

But, back to my original rant of this: It is next to impossible, if not impossible, to build a completely bullet-proof system, so admins just need to be careful no matter what OS they run and packages they install. Simple as that. (rant over, commence flaming or ignoring).

@RaVen

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 16:03:00 GMT

Actually...I do ..however this will always happen. Code will have holes and all of them won't be caught. What makes the difference is how many holes there are and how quickly they can/and are patched. I have no love for PHP, but this was patched quite quickly.

Honestly I don't mind PHP. I rather like it. I agree bugs will always be there and there will always be holes. Quick turnaround on patches is important.

I feel that exploits and viruses are a problem that as a whole the industry is still learning to deal with. To try and determine how someone might exploit code and make it perform in ways it was never designed to perform is not an easy task for any group of people.

Then don't post crap like that "The Facts" thing.

(assuming that was you)

Wasn't me. I don't post anon on this forum.

Re: Russion Guy - Double Standard

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 16:25:00 GMT

Excusing flawed software for one vendor while apologizing for another is a double standard. But Microsoft does not exclusively represent proprietary software, nor should you overly represent open/free(dom) software with PHP.

Open source does not 'guarantee' better security. But having the source code does allow for peer review and the ability for more people to contribute 'fixes.' This would certainly be an 'advantage' of open source over proprietary software.

For fun, imagine that Microsoft and Zend Technologies were not responsive to fixing their software. How would proprietary and free/open source software compare? Hint: there would be a patch for PHP.

RE: d advocate (IP: ---.psfarms.com)

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 22:38:00 GMT

>Open source does not 'guarantee' better security.

Mr. Stallman will disagree. So will many, many other open source advocates.
I agree with you.:)

>peer review... would certainly be an 'advantage' of open source over proprietary software.

It would, except hackers usually work this way:

1. Bug found by independent reviewer or software developer.
2. Bug fixed.
3. Patch released.
4. Hackers review the patch.
5. Hackers write exploit and release it to the wild.
6... Infection.
7... Infection.
8... Infection.
9... Finally, end users reluctantly patch their software.

Open Source may be better in getting from 1 to 3, but lazy hackers wait at 4- why bother reading tens of millions of source code lines (if available) when patch will reveal all they need in few hundred lines? Then, 5 to 9 is not different between proprietary and open source software.

>Hint: there would be a patch for PHP.

Hint: it was! Not very many people bothered to download it. It has nothing to do with openess of software and this is the point: no open source software in the world force people to change their habits.

Open source may be good in sharing intellectual property with less fortunate, but it is not a silver bullet for security, does not matter how many times Stallman and his followers want us believe the opposite.

I am glad we both agree on this: open source does not 'guarantee' better security.

Open source needs more people like you.

Re: Russian guy

donotreply@osnews.com (Anonymous) — Wed, 29 Dec 2004 23:42:00 GMT

So open source is more secure with all the 'eyes' on it.

If it was, it would not NEED patching to begin with,

that is NON-sense.

You can't have it both ways, saying MS software has
holes and open source is just patches.

Give me a break, another comment Stallman is right
down your ally, he is a devout Atheist and
Communist.

Open Source is not secure, if it was written
correctly to begin with 'millions of eyes' this
would not have happened.

This is the truth and they know it, stop running
from it.

Re: Russian guy

donotreply@osnews.com (Anonymous) — Thu, 30 Dec 2004 00:43:00 GMT

Maybe you guys ought to stipulate WHICH open source you're talking about. Is Windows as secure as OpenBSD? Why not?

RE: By Nog (IP: ---.dialup.mindspring.com)

donotreply@osnews.com (Anonymous) — Thu, 30 Dec 2004 01:48:00 GMT

"Maybe you guys ought to stipulate WHICH open source you're talking about. Is Windows as secure as OpenBSD? Why not?"

Can you explain to me why it is?

OpenBSD can be hacked up quite easily, give someone time and nothing to do. You would be amazed what they can do.

RE: Safemode

donotreply@osnews.com (Anonymous) — Thu, 30 Dec 2004 03:57:00 GMT

..what are you talking about???

I just said that I have safemode on server wide, but you can also turn it off in the httpd.conf file. you can use the httpd config file to turn it off or on for specific sites.

"No, you put safemode on or off, besides relared configuration, in PHP's configuration file; " Makes no sense to me in a reply to my safemode comments.

Safemode is a very good thing to have on.

RE: Worms - not just for Windows anymore :)

donotreply@osnews.com (Anonymous) — Thu, 30 Dec 2004 07:36:00 GMT

I think your confusing desktops with servers Darius. Linux/UNIX servers have seen worms for years but there are still no desktop attacks. These are not mom/pop systems but systems run by Administrators who are meant to have a clue.

@ Russian Guy

donotreply@osnews.com (Anonymous) — Thu, 30 Dec 2004 13:42:00 GMT

>Open source does not 'guarantee' better security.

Mr. Stallman will disagree

Quote him. I don't think he ever said that and he doesn't say that much. When he does, its mostly the same, and afaik he never ranted on security issues or so.

As for PHPBB, you can't use that to make an overal claim about open source given its merely one the very many. Youcan't say "all women are murderers" simply because one evil Soviet female pressed the nuke button. You don't say "Oh, my, Coldfusion is so insecure. Its because its proprietary! Oh my, all proprietary software is insecure!" -- when you say that you haven't connected the dots, because you haven't proven that because of B hence A. And C is even more global than B. Its hard to compare it to Outlook as well since they're used on a different field and since the damage done also varies. IOW, bullshit discussion, bullshit arguments.

Those who use similar arguments in other examples (e.g. Microsoft software) are equally using falacies to make some kind of moot point.

OSNews:

This isnt the first time Google has been used for this..

Creative?

Solution...

yeah

RE: Solution...

RE: Solution

Re: Solution..

My server was hit with this

Safemode

RE: Solution

RE: My server was hit with this

RE: Solution

Hmmmm....

Use of perl notable....

RE: Solution

Damn.

RE: harper (IP: ---.port.east.verizon.net)

RE: My server was hit with this

Santy source

Heh

RE: My server was hit with this

Worms - not just for Windows anymore :)

Re: Worms - not just for Windows anymore :)

What happened to all those 'eyes' on 'Open Source'

RE: The Facts

@dpi

@RaVen

RE: MoronPeeCeeUSR

Re: MoronPeeCeeUSR

Don't use *nix

*Attention **Nix is INSECURE***************************************

DON'T use **NIX

Excuses, excuses and more excuses

A better solution

It is

RE: DON'T use **NIX

Wow

@ By Anonymous (IP: ---.bchsia.telus.net)

Re: dpi

Re: When Worms Get Literate

Site defacement was only part of the story

try this (simple automated backup of your server)

Duh

article

RE: dpi (IP: ---.ipv4.freeshell.bofx.net)

@ anyone who claims *NIX has no worms

worm or virus

Viruses

Re: Worm or virus (@Evert)

@RaVen

Re: Russion Guy - Double Standard

RE: d advocate (IP: ---.psfarms.com)

Re: Russian guy

Re: Russian guy

RE: By Nog (IP: ---.dialup.mindspring.com)

RE: Safemode

RE: Worms - not just for Windows anymore :)

@ Russian Guy

*Attention Nix is INSECURE*************************************