On Mon, Mar 08, 2010 at 07:34:14AM -0700, Warren Young wrote: > On 3/6/2010 4:04 PM, nate wrote: > > > > if you can upload source code, > > you can upload a precompiled binary > > True, but most attacks are automated, and try to attack as wide a range > of machines as possible. > > If I were to write a bit of malware for *ix that needed a custom binary > on the target machine, I'd at least consider distributing it as C code, > banking on the fact that most *ix systems have a C compiler installed by > default these days. It is no longer just the C compiler. Perl, Python, Ruby, php even bash all have rich libs and can do more quicker than most can accomplish with a C program and with more portability too. It makes sense to have a good firewall that limits all in and out paths as well as a proxy server for outgoing connections and other footprint tools. Logs and management should involve another box such that the system admin folk have a safe and different place to do their job from. -- T o m M i t c h e l l Found me a new hat, now what?