Access to machines with old OS versions/architectures, like 10.4, 10.5, ... ppc
Niels Dettenbach (Syndicat IT&Internet)
nd at syndicat.com
Mon Jun 9 08:03:54 PDT 2014
Mojca Miklavec <mojca at macports.org>, Ryan Schmidt <ryandesign at macports.org>,
>> I would recommend that people who intend to make use of older
>hardware should do so with OSes that continue to get security updates
>
>But then again, given the low number of such users it's probably a lot
>more profitable to write malware for XP than it is for Leopard.
This is not really true or just the half of.
It hardly depends from which kind of ressources attackers are looking for today. If they look i.e. for infrastructure machines on IP an old Solaris could be a very thankful target to them as there are a lot of ISP or ISP like companies in specialized environments who are still running Sparc machines with some kind of proprietary software (i.e. some kind of special network accelerators i have in mind there) not further available today and which "hope" that they will not be targeted because "no windows".
If i take looks at more professional network security (re)search software i find even Solaris flaws which are known to be exploited as exploits on the "market" - means: If some attacker "stomps" about an old Sparc which has the ressources he is looking for he could (and propably will) "use"/target/abuse it.
Shure, it is hard to believe that the typical spammer scene would be interested hardly in working on Sparcs - windows users usually give them much more and easy access vectors to their target resources - but hackers at a more professional level will use what they can get...
And if i think about some Sparcs i know about til today - they are very attractive targets for some scenes as they i.e. could give access to the whole traffic of a smaller telco or ISP (and their customers) or even offer DNS services to thousands who could get "redirected" with access to such a machine etc.pp..
For Desktop systems this might be not the case so far - but may be for other scenes or "audiences" of attackers with target i've never minded before byself...
just my two cents...
cheerioh,
Niels.
--
Niels Dettenbach
Syndicat IT&Internet
http://www.syndicat.com
More information about the macports-dev
mailing list