Full Disclosure mailing list archives
Re: Re: January 15 is Personal Firewall Day, help the cause
From: Tobias Weisserth <tobias () weisserth de>
Date: Fri, 16 Jan 2004 21:34:54 +0100
Hi David, Am Fre, den 16.01.2004 schrieb David F. Skoll um 19:58: ...
There are no self-propagating Linux e-mail viruses. The only Linux e-mail viruses are proof-of-concept programs that have never actually infected machines other than lab machines designed to test the proof-of-concept.
Sorry, David. But Ramen did score quite well when it was active and there were many infected Unix/Linux machines with Ramen. Though I have to agree with you that there probably aren't any viruses in the wild at the moment that could infect and compromise a patched Linux system if it's properly setup. It's different with Linux machines running lousy software such as PHPNuke or PostNuke or something like that, which frequently is subject to PHP/SQL injection exploits. When the system features an unpatched or even uncharted local exploit such as the do_brk() bug which has been in the kernel since the 2.2 series(!!!!! That's a damn long time !!!!!!) in addition to such lousy software then the first system compromise with some rootkit is unavoidable. But of course I am comparing squares to circles here since no sane MS Windows end user would run a webserver on his home machine. When running Linux you seriously should consider to run chkrootkir from a safe location (like a CD) and use file integrity checking of some sort. Anything else is just asking for trouble the hard way. I only have to remind you of the Debian hack. Hadn't Debian used AIDE to detect the modifications in their systems, we'd never had known about that do_brk() vulnerability until major damage occurred. kind regards, Tobias W. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: January 15 is Personal Firewall Day, help the cause, (continued)
- RE: Re: January 15 is Personal Firewall Day, help the cause Erik van Straten (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause jan . muenther (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause William Warren (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause Ron DuFresne (Jan 20)
- Re: Re: January 15 is Personal Firewall Day, help the cause Alvaro Gomes Sobral Barcellos (Jan 23)
- Re: Re: January 15 is Personal Firewall Day, help the cause David Luyer (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause Valdis . Kletnieks (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Tobias Weisserth (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Exibar (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Tobias Weisserth (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Exibar (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Tobias Weisserth (Jan 16)
- Re: Re: January 15 is Personal Firewall Day,help the cause Exibar (Jan 16)
- Re: Re: January 15 is Personal Firewall Day,help the cause Tobias Weisserth (Jan 17)
- Re: Re: January 15 is Personal Firewall Day,help the cause jan . muenther (Jan 17)
- Re: Re: January 15 is Personal Firewall Day,help the cause Tobias Weisserth (Jan 17)
- Re: Re: January 15 is Personal Firewall Day,help the cause brenda (Jan 17)
- Re: Re: January 15 is Personal Firewall Day,help the cause Ron DuFresne (Jan 20)
- Message not available
- Re: January 15 is Personal Firewall Day,help the cause Jim Race (Jan 17)
- Re: Re: January 15 is Personal Firewall Day,help the cause Valdis . Kletnieks (Jan 17)