|
The big difference between iSeries attacks and Windows attacks is that
a
number of the exploits we're talking about on Windows can bypass
Windows
security. Just like the Rutkowska kernel code injection technique,
they can
install software beyond the privileges of the user.
A _small_ number of them patch in at that level, a very small #. And you can do the same thing on the iSeries, just change the SEPT. Now, before you go and say you can't change it without already having access to the box, I agree, however see the next...
All these theoretical attacks on the iSeries require a valid user
profile
and password, as well as the authority to the objects.
Um.... So do all the Windows attacks.... Remove my access to the box and I can't attack it. I'm on a windows box right now, go ahead, attack it... You can't. _ALL_ windows exploits require access to the box to work too. -Walden
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
