regularly scheduled paranoia. Was: Re: Anti Virus
Nancy Sollars
plug-discuss@lists.plug.phoenix.az.us
Thu, 7 Mar 2002 10:59:21 -0700
I still think this will only affect the unwarey and stupid.
most people even before d/l tars check for the signiture signed file..
Nige
----- Original Message -----
From: "foodog" <foodog@uswest.net>
To: <plug-discuss@lists.plug.phoenix.az.us>
Sent: Thursday, March 07, 2002 9:52 AM
Subject: regularly scheduled paranoia. Was: Re: Anti Virus
> "der.hans" wrote:
> ...
> > Haven't used it as viruses are completely irrelevant to me ( other than
the
> > bandwitdth they use ), but:
> >
> ... snip <lots of av info>
> > der.hans
> > --
> > # http://home.pages.de/~lufthans/ http://www.DevelopOnline.com/
> > # We now return you to your regularly scheduled paranoia...
>
> I think the days of not worrying about virus scanning on Linux are
> numbered. In the early days pirates were largely responsible for
> viruses spreading under DOS. Eventually viruses started to "get lucky"
> and make it into official software releases.
>
> I think script kiddies are the best vector for widespread Linux
> infections. Their own machines will get infected, then they'll pass the
> infection on as they root other boxes.
>
> There's a thread on Vuln-dev this week about a possibly fake Apache
> 1.3.22 exploit that infects all elf binaries and opens a port on UDP
> 3049. To clarify, the Apache exploit is the possibly fake part, the elf
> infector appears to be legit.
>
> A clean and an infected grep were posted, in case anyone wants to get a
> jump start on being the McAfee of the Linux world. I don't think it'll
> be long before someone with more coding talent decides it'd be cool to
> add stealth. If that had happened, the current thread would just be
> disappointed kiddiez complaining that their new 'sploit didn't work as
> advertised.
>
> Steve
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>