IRIX security

Open forum for security issues and info.
ritchan
Posts: 276
Joined: Mon Mar 31, 2008 6:47 am
Location: Oldenburg, Germany

IRIX security

Post by ritchan » Sat Nov 20, 2010 2:04 am

It's common knowledge that IRIX isn't exactly the most secure OS on the planet, but when nekonoko was running nekochan.net on his O350s, were there any break-in attempts? Just for curiosity's sake.
Originally Posted by Tommie
Please delete your post. It is an insult to all the hard work society has put into making you an intelligent being.

Like somebody at AMD said about a decade ago: Benchmarking is like sex. Everybody brags about it, everybody loves doing it and nobody can agree on performance.

nekonoko
Site Admin
Posts: 8001
Joined: Thu Jan 23, 2003 2:31 am
Location: Pleasanton, California

Re: IRIX security

Post by nekonoko » Sat Nov 20, 2010 2:37 am

No, not that I'm aware of. As long as you limit which ports/services are exposed and keep your open source components up to date (Apache, PHP, MySQL etc) it's no worse than any other OS.
Twitter: @neko_no_ko
IRIX Release 4.0.5 IP12 Version 06151813 System V
Copyright 1987-1992 Silicon Graphics, Inc.
All Rights Reserved.

SAQ
Posts: 5758
Joined: Wed Jul 19, 2006 8:37 am
Location: Renton, WA

Re: IRIX security

Post by SAQ » Sun Nov 21, 2010 9:39 am

You can also keep an eye out for the advisories on other vanilla-esque SysV Unices. The good thing about IRIX is that as an open system you can swap in many of the services from an xBSD or GNU system if something comes up. AFAIK there haven't been any core compromises in a while (kernel errors, libc errors, etc.)
Damn the torpedoes, full speed ahead!

There are those who say I'm a bit of a curmudgeon. To them I reply: "GET OFF MY LAWN!"

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O3x0: :ChallengeL: :O2000R: (single-CM)

mattst88
Posts: 397
Joined: Wed Jul 13, 2005 9:54 am
Location: Hillsboro, OR

Re: IRIX security

Post by mattst88 » Thu Nov 25, 2010 10:07 pm

Well, honestly who is actively looking for IRIX vulnerabilities? And why would they even bother?
My computers including Alphas, MIPS, PA-RISCs, VAX, and SPARCs.

josehill
Moderator
Posts: 2983
Joined: Mon Jun 06, 2005 9:53 pm
Location: USA

Re: IRIX security

Post by josehill » Thu Nov 25, 2010 11:14 pm

mattst88 wrote: Well, honestly who is actively looking for IRIX vulnerabilities? And why would they even bother?

All you need is one open door, and if compromising a vulnerable IRIX box gets you through that door onto a local net, then it may well be game over. The IRIX box is not necessarily the target, but the vector, and in an age when botnets control CPU power and bandwidth that were once the sole province of governments with supercomputers, adding a probe for a set of IRIX vulnerabilities does not have to be a costly proposition.

smj
Posts: 1373
Joined: Mon Nov 12, 2007 8:54 pm
Location: Berkeley, CA, USA, NA, Earth, Sol

Re: IRIX security

Post by smj » Fri Nov 26, 2010 11:57 pm

On the one hand, botnets are a game of scale and volume so at least the operators thereof will be more interested in Windows, Linux variants, and maybe OS X. On the other hand, people concerned with penetrating new and interesting sites will use whatever gets them in the door. In that case targeting more *NIX variants may well be worthwhile, in which case it isn't so much a question of developing new IRIX exploits as keeping old exploits and rootkits on hand. With good OS fingerprinting you can even make sure you're only trying those methods when dealing with that variant.

And yes, if they're renting botnets or have similar resources, they can afford to twist a lot of doorknobs in a lot of different ways. But when you start assuming specific targeting by a party with serious resources, you may be into a different conversation than where the OP started...
Then? :IRIS3130: ... Now? :O3x02L: :A3504L:- :A3502L: :1600SW:+MLA :Fuel: :Octane2: :Octane: :Indigo2IMP: ... Other: DEC :BA213: :BA123: Sun, DG AViiON, NeXT :Cube:

Nihilus
Posts: 301
Joined: Sat Dec 18, 2004 9:21 am
Location: Stockholm, Sweden

Re: IRIX security

Post by Nihilus » Sat Nov 27, 2010 7:56 am

ritchan wrote: It's common knowledge that IRIX isn't exactly the most secure OS on the planet, but when nekonoko was running nekochan.net on his O350s, were there any break-in attempts? Just for curiosity's sake.


There is "Trusted IRIX (TIRIX)" for those who need it, id est governments, educational institutions, banks etc... It's more or less an open secret that it exists and is audited.
SGI Systems: R4K :Indigo:/256MB/XS-24, R5K 150MHz :Indy:/160MB/XL-24, R10K 175MHz :O2:/640MB, R12K 400MHz :Octane2:/Vpro6/1GB & R4K 250 MHz :Indigo2IMP:/128 MB/XZ Extreme/GIO64 FDDI

"It's a UNIX system! I know this! "

smj
Posts: 1373
Joined: Mon Nov 12, 2007 8:54 pm
Location: Berkeley, CA, USA, NA, Earth, Sol

Re: IRIX security

Post by smj » Sat Nov 27, 2010 11:38 am

Nihilus wrote: There is "Trusted IRIX (TIRIX)" for those who need it, id est governments, educational institutions, banks etc... It's more or less an open secret that it exists and is audited.

I don't think there was any secret involved, there are press releases and white papers about it achieving B1/LSPP certification.

Keep in mind that while I'm sure they still support it for paying customers, Trusted IRIX is likely at most in maintenance mode. The Trusted IRIX Security Admin Guide was last updated in 2003, from what I can find. Still, it might help and could be educational to play with anyway if you can find a copy.
Then? :IRIS3130: ... Now? :O3x02L: :A3504L:- :A3502L: :1600SW:+MLA :Fuel: :Octane2: :Octane: :Indigo2IMP: ... Other: DEC :BA213: :BA123: Sun, DG AViiON, NeXT :Cube:

SAQ
Posts: 5758
Joined: Wed Jul 19, 2006 8:37 am
Location: Renton, WA

Re: IRIX security

Post by SAQ » Sat Dec 11, 2010 9:09 am

smj wrote:
Nihilus wrote: There is "Trusted IRIX (TIRIX)" for those who need it, id est governments, educational institutions, banks etc... It's more or less an open secret that it exists and is audited.

I don't think there was any secret involved, there are press releases and white papers about it achieving B1/LSPP certification.

Keep in mind that while I'm sure they still support it for paying customers, Trusted IRIX is likely at most in maintenance mode. The Trusted IRIX Security Admin Guide was last updated in 2003, from what I can find. Still, it might help and could be educational to play with anyway if you can find a copy.


At this point any IRIX is pretty much in maintenance mode, at least de facto maintenance.

For most people you probably aren't going to get too much out of TIRIX that you don't get out of regular IRIX with all the security patches (and a good security setup).
Damn the torpedoes, full speed ahead!

There are those who say I'm a bit of a curmudgeon. To them I reply: "GET OFF MY LAWN!"

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O3x0: :ChallengeL: :O2000R: (single-CM)

