Overclock.net - An Overclocking Community - Reply to Topic
Thread: [TPU] Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks
  Topic Review (Newest First)
08-16-2019 01:17 PM
xJumper
Quote: Originally Posted by epic1337
but that's different from being specifically targeted, plus a sensible firewall can handle "most" probing attacks.
Very few firewalls have active countermeasures. If you have an open port and a vulnerable service listening on it, it can be found and exploited.

Even running an up-to-date server with no vulnerabilities, I was getting bots trying to brute-force port 22 SSH, and even with no known flaws, unless you have a 20+ random character password there's a good chance someone can brute-force their way in. Even with a strong password I had to implement active countermeasures like fail2ban to ban people's IPs after 3 unsuccessful attempts; there was just crap loads of bots probing and taking drive-by pot shots.

Without active countermeasures people can basically take infinite shots at you until a successful exploit is found.
08-14-2019 02:16 PM
epic1337
Quote: Originally Posted by xJumper
Doesn't work like that...

Nobody tries to specifically target anyone, port scanners crawl the web probing every single combination of IP address and all 65,535 TCP/UDP ports.

When I was running a server from my house with a mere 11 ports open my logs would be filled with hundreds of probing/brute force attempts.

The amount of people who are unknowingly part of a large bot net or have their router's DNS hijacked/poisoned is huge. Open ports with vulnerable applications get you owned.
but that's different from being specifically targeted, plus a sensible firewall can handle "most" probing attacks.
08-14-2019 12:57 PM
xJumper
Quote: Originally Posted by epic1337
yup, the chances of you specifically being targeted by a hacker is at least one in a million, one should ask himself "why would they even target me?".

it's more likely that you'd unknowingly download a malicious software.
Doesn't work like that...

Nobody tries to specifically target anyone, port scanners crawl the web probing every single combination of IP address and all 65,535 TCP/UDP ports.

When I was running a server from my house with a mere 11 ports open my logs would be filled with hundreds of probing/brute force attempts.

The amount of people who are unknowingly part of a large bot net or have their router's DNS hijacked/poisoned is huge. Open ports with vulnerable applications get you owned.
08-14-2019 10:35 AM
epic1337
yup, the chances of you specifically being targeted by a hacker is at least one in a million, one should ask himself "why would they even target me?".

it's more likely that you'd unknowingly download a malicious software.
08-14-2019 10:16 AM
bigjdubb
I think malicious software exploiting the vulnerability is more likely than a hacker getting on your network and trying to exploit this vulnerability.
08-13-2019 05:45 PM
Krawk
I had replied to the thread elsewhere about Nvidia encouraging us to update our drivers for this reason. Again, I ask, what is the actual risk to an end user? I sit behind my ZyXEL DSL modem which likely has a good firewall, so a random hacker out there trying to exploit my MSI/Nvidia graphics or MSI motherboard drivers seems pretty damned remote! Does not the built-in Windows firewall also trump the exploits too? Someone from the outside has to get a foothold first.
08-12-2019 08:17 PM
Omega X
Quote: Originally Posted by Defoler
Good way now to force people to upgrade. Old motherboard? No new drivers. Either replace or you are at risk.
If you add MS to blacklist certain drivers, then you are at risk of your OS not getting updated or not working at all.

Microsoft patch up old drivers often for compatibility. They can probably deal with this issue quickly if they put up the resources to do so.
08-12-2019 07:05 AM
SoloCamo
Quote: Originally Posted by xJumper
The amount of total distros is irrelevant in terms of what would be vulnerable or not, everything for the most part like 90% Linux market share is from distros based on about three distros. A Debian privilege escalation attack would likely work fine on Ubuntu and vice versa.

It has more, average dudes with $800 dollars in their bank account is what most of the Windows user base is, supercomputers/servers etc running the modern world, power grid, etc are all on Linux. Linux isn't security by obscurity, it's an inherently more secure operating system. Case in point, the official driver repos that many distributions use are very hard to get onto. The very way they do things makes an attack like this a lot harder.
Fair enough as I didn't factor in the server market. However, regarding the average user with $800 use case, I'd have to disagree and note that the majority of consumers, rich or poor, are running on Windows. Supercomputers/servers aren't typically used in the consumer market for obvious reasons so it's not so much a money thing as it is a use case and knowledge thing.

Quote: Originally Posted by Liranan
Linux dominates the server market share (Windows is almost non-existent) so there are constant attacks on Linux as well. However as has been proven the most secure OS is BSD, followed by Linux, Windows is third and iOS is just a joke, hacked within minutes at every hacker championships.

Sadly BSD suffers from huge hardware incompatibility due to it being far more obscure than Linux and Windows. And while iOS is based on BSD Apple have taken BSD and butchered it to make the rubbish they call an OS.
Fair enough, like noted above I did not factor in the server market.
08-12-2019 01:48 AM
Liranan
Quote: Originally Posted by SoloCamo
Thing that I mock about this type of drivel is that if Linux (whatever millionth distro of the month we are talking here) had the same market share it would have the same amount of efforts into attacking it.
Linux dominates the server market share (Windows is almost non-existent) so there are constant attacks on Linux as well. However as has been proven the most secure OS is BSD, followed by Linux, Windows is third and iOS is just a joke, hacked within minutes at every hacker championships.

Sadly BSD suffers from huge hardware incompatibility due to it being far more obscure than Linux and Windows. And while iOS is based on BSD Apple have taken BSD and butchered it to make the rubbish they call an OS.
08-11-2019 10:00 PM
xJumper
Quote: Originally Posted by SoloCamo
Thing that I mock about this type of drivel is that if Linux (whatever millionth distro of the month we are talking here)
The amount of total distros is irrelevant in terms of what would be vulnerable or not, everything for the most part like 90% Linux market share is from distros based on about three distros. A Debian privilege escalation attack would likely work fine on Ubuntu and vice versa.

Quote: Originally Posted by SoloCamo
had the same market share it would have the same amount of efforts into attacking it.
It has more, average dudes with $800 dollars in their bank account is what most of the Windows user base is, supercomputers/servers etc running the modern world, power grid, etc are all on Linux. Linux isn't security by obscurity, it's an inherently more secure operating system. Case in point, the official driver repos that many distributions use are very hard to get onto. The very way they do things makes an attack like this a lot harder.
This thread has more than 10 replies.
