[Info-vax] Anti-virus ?

Brian Schenkenberger mail at SendSpamHere.ORG
Tue Aug 15 11:36:51 EDT 2023 

On 2023-08-14 11:12:32 +0000, Johnny Billquist said:

> On 2023-08-12 12:59, plugh wrote:
>> On Saturday, August 12, 2023 at 3:41:28 AM UTC-7, Johnny Billquist wrote:
>>> On 2023-08-11 19:35, Simon Clubley wrote:
>>>> Oh, and BTW, judging by the fact Eisner has needed to be rebooted multiple
>>>> times over the years due to various services locking up presumably due to
>>>> attacks, I have little confidence that VMS in general would be robust
>>>> within an actively hostile environment.
>>> I think you are misinterpreting some data, as well as making some
>>> assumptions that I don't think are correct.
>>> 
>>> By the way, I have an RSX system publicly on the internet, and it's
>>> totally without firewalls, and on 24/7. Mainly to actually harden it.
>>> But it's basically running stable without any issues since many years.
>>> 
>>> So much for "hostile environment" being such a big problem. (Although I
>>> should admit that I don't have some of the fancy services that are easy
>>> to exploit...)
>>> 
>>> Johnny
>> 
>> It's that last part that is quite important these days. It's all about 
>> services now, as communication is so important. So much of this 
>> security stuff was known by Digital, such knowledge has simply been 
>> left to rot.
> 
> Oh. But it's not that I don't have any services... I do have some. But 
> I guess it's a combination of me really into writing services that ever 
> execute something passed in, with the assumption that it will look 
> fine. I completely abhor the REST paradigm. It's such a poor idea from 
> the start. (I don't start ranting about people who embrace it...)
> The other part being that RSX is such an odd system to start with that 
> pretty close to nobody even cares to try and figure out how to actually 
> exploit anything. They are just running various scripts and tools that 
> tries to exploit usual, well known issues in various services.
> 
> It's actually a very good way of finding out what issues are the most 
> common ones. I get plenty of probes for things in wordpress for 
> example. So that one seems popular (and bad). Netgear seems to also 
> have some popular exploits. Then apparently just badly setup CGI stuff 
> in general.
> 
> Examples:
> 
> . GET /wp-login.php
> 
> (seems to be just lots of these probing if wordpress is running on the 
> host, so lots of variations on this one...)

ERROR 404
We're sorry but it looks like you're lost.
The requested paged does not exist.

More information about the Info-vax mailing list