RE: Security

CyberPsychotic (mlists@gizmo.kyrnet.kg)
Mon, 25 Jan 1999 21:17:14 +0500 (KGT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Glynn Clements: "Re: different between LILO & LOADLIN"
Previous message: Warren Mira: "10.10.1.1 as a DNS server address?"

~ There are viruses for Linux. Several, in fact... There's a few ELF
~ infectors that work pretty well, and there's a kernel module infector
~ that's also out. Not that it's all that useful without the ability to
~ infect normal programs... I've also seen a few script infectors, which are
~ pretty easy to spot if you have any programming experience. One of the
~ ELF infectors (written by Qark/VLAD, I believe) actually tries to take
~ root using a couple ancient exploits...
~

Cracking Unix/Linux machine is still a sort of 'intellegent job' which
hardly could be automated. This is the main reason why Linux viruses are
not widespread. There are various sorts of trojan-like codes: elf
infectors/ gcc-infectors, but most of them require being executed as root
first, to infect the system, or use exploits to attempt breaking. IMHO
the only viruses possible, are various sorts of mail-worms, which not
only use leaks in mailer agents security but also relay on user stupidity.
(like that infamous Java virus, where it's first required by user to click
'OK' which would mean that java code gets access to local fs).

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Glynn Clements: "Re: different between LILO & LOADLIN"
Previous message: Warren Mira: "10.10.1.1 as a DNS server address?"