On 3/6/2010 4:04 PM, nate wrote:
if you can upload source code, you can upload a precompiled binary
True, but most attacks are automated, and try to attack as wide a range of machines as possible.
If I were to write a bit of malware for *ix that needed a custom binary on the target machine, I'd at least consider distributing it as C code, banking on the fact that most *ix systems have a C compiler installed by default these days.
<snip> Which is why, for the 10 or 11 years that I've used a linux box as a firewall router at home, it had almost *nothing* on it, and that was before I ran Bastille against it. I intended it as a cheap (old hardware, the second one was scrounged) firewall/router, and *nothing* *else*. So, when I built it, no compilers, no languages (other than things like perl and awk and shells), no X... and only one user other than the system users (me).
mark