Re: Trojans and Trojan-scanner

From: Michael Heiming (michael+USENET_at_www.heiming.de)
Date: 10/30/04 

Date: Sat, 30 Oct 2004 22:04:57 +0200

In comp.os.linux.security Tim Haynes <usenet-20041030@stirfried.vegetable.org.uk>:
> Michael Heiming <michael+USENET@www.heiming.de> writes:

>> In comp.os.linux.security erik <erik@geenspam.vanwesten.net>:
>>> Michael Heiming wrote:
>>>> In comp.os.linux.security Frank J?lich <usenet@frankjuelich.de>:
>>>>> Hi,
>>>>
>>>>> Trojans are not really a big topic at Linux, are they?
[..]
>> Running Linux since ages on a large amount of systems I have never seen
>> one. So it doesn't seem to be a big topic. Correct answer.

> Now now .. Where does someone who's encountered 3 cracked boxes (owned by
> other people, over a course of 2-3 yrs) fit between 0 and 70? What if said
> someone thinks the name `trojan' is meaningless and that what matters is
> there's been no security exploit of any stupid name conducted on your box?

> The reasons one doesn't hear too much about these things are two-fold:
> a) the people not getting cracked are the ones who've gone to the trouble
> to protect their assets, who take a personal interest in the running of
> their servers, while
> b) the fuckwits who get all their boxes cracked are the ones who don't show
> any care and either turn up on here and whinge, or don't even notice.

> In any case, we linux-ers still have a better track-record than the vast
> millions who use windoze. Statistics have been flying again, this past

Not only still, even where the OSS market-share is much higher
then anything else like Apache, but we haven't heard about large
scale attacks/trojans against it. OK, might be type a).;)

> ~fortnight, about the percentage of windoze boxes infected by at least one
> virus or spyware program.

100% ack, great write up! 

-- 
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 97: Small animal kamikaze attack on power supplies