Re: Unix NOT secure against Viruses on home PCs

From: Daniel Mewes (danielmewes_at_web.de)
Date: 10/01/04

  • Next message: Dr Balwinder Singh Dheeman: "Re: IPCop 1.4rc5 with more MRTG graphs"
    Date: Fri, 01 Oct 2004 06:28:10 +0200
    
    

    Bill Unruh wrote:

    > Could malware be written for linux? Of course. No one will dispute that.
    > Could it be written so as to spoof the user into being root. Yes, but
    > usually root users are also more knowledgable than the general user.
    Not on home computers where user and root are equal.

    > ]systems. Many things could be made "better" and more tricky with a binary
    > ]virus, but the script shows how easy it actually is to code a *nux virus
    > ]using login spoofing (do not forget that it contains a remove routine
    > which ]makes it bigger).
    >
    > ???? So what. What are you trying to demonstrate?
    That login spoofing is nothing too hard to implement but can be done with
    just a few lines of shell code and so there is no reason why other real
    viruses should not use it.

    > ]#You are NOT allowed to modify or redistribute this!
    >
    > uh, you just distributed it.
    I wrote you, not me ;-)

    Regards,
    Daniel Mewes


  • Next message: Dr Balwinder Singh Dheeman: "Re: IPCop 1.4rc5 with more MRTG graphs"

    Relevant Pages

    • Re: How can I prevent users from mounting FAT32 partition?
      ... >to read with a hex editor. ... >Even if you don't know anything about the filesystem at all, ... If intruder got root and rights of root ... To spoof or not to spoof, ...
      (comp.os.linux.security)
    • Re: apache exploit?
      ... This indicate they got root already. ... >shell for Apache to ease logging in as apache and changing things while ... >modprobe is for loading kernel modules: ... To spoof or not to spoof, ...
      (comp.os.linux.security)
    • Re: Unix NOT secure against Viruses on home PCs
      ... No one will dispute that. ... >> Could it be written so as to spoof the user into being root. ... >> usually root users are also more knowledgable than the general user. ... Laziness prevents most this, ...
      (comp.os.linux.security)
    • Re: I got hacked!!!
      ... Bill Unruh wrote: ... The only thing is teh last four ... He who play in root, ...
      (comp.os.linux.security)
    • Re: forgot root password
      ... Ooh! ... Bill Unruh wrote: ... > This will put you into single user mode as root. ...
      (comp.os.linux.misc)