[ale] Linux Distributions

Jim Popovitch jimpop at yahoo.com
Tue May 17 17:58:34 EDT 2005


On Tue, 2005-05-17 at 17:07 -0400, Jason Day wrote:
>
> A spam relay daemon cannot bind to port 25 unless it is started as root.
> That makes it less useful, since clients must be reconfigured to use a
> nonstandard port.

First, please define "spam relay daemon".  Specifically what do you mean
by that?  Btw, an open relay is an entirely different thing.  Most
zombie spam agents don't run as standard smtp servers, nor do they need
to.

> 
> While it is certainly possible to run a remote-control daemon as
> non-root, it won't be able to hide itself and can be trivially detected
> and killed.  A remote-control program that is installed and run as root
> as part of a trojan or other malicious program however can also replace
> system files like netstat and ps, or even install kernel modules, to
> avoid detection.

There are way too many assumptions in those statements.  If I run as
root I can easily (and so can software that I run) find hidden and
zombied processes.  This is NOT true if I run as a non-root user.  Root
enables me to be secure. ;-)

> As I said before, a linux box connected to the internet with an
> always-on connection like DSL or cable, is, for all intents and
> purposes, a server.  

No it's not.


> The fact that these arguments are 20 years old
> lends them more credibility, not less.

So, it should be easy to give a non-refutable example then, right?  Why
is this thread approaching 50+ posts if the argument is so credible?

-Jim P.





More information about the Ale mailing list