Re: Mac OS Trojan, will this affect Linux?
- From: David Wright <david_c_wright@xxxxxxxxxxx>
- Date: Sat, 18 Feb 2006 09:22:36 +0100
David Bolt wrote:
On Fri, 17 Feb 2006, houghi <houghi@xxxxxxxxxxxxxxxxxx> wrote:-
David Bolt wrote:
Since that's apparently how most of the Windows "viruses" are caught,
there's bound to be some users that swap over to a Linux system and
follow the same procedure. Luckily, it'll take a little more than a
simple double-click-to-run-and-you're-screwed to get a Linux system but,
in some cases, not a great deal more.
People have been asked to unpack a zipped file, enter a password and
excecute the code.
Social engineering can do all sorts of things. In this case, quite often
the files they were asked to execute had an embedded icon to make it
look like a "safe" file[0]. Combined with the wonderfully "friendly"
hide-known-extensions[1], makes it easy for people who are not paying
too much attention, or just don't know about this wonderful "friendly
feature," to open up something that they shouldn't.
I don't, if I haven't asked for an attachment it goes straight in the bin,
and if there is an attachment I requested, I open by opening the program it
should be used in, with script execution turned off - after first virus
checking it.
Any system will be vurlerable to such abuse,
including Linux.
True. But it's still going to be a bit of extra work to make it work on
multiple distributions. Actually, thinking about it, compiling any
"virus" as a static program and using i386 as the base architecture and
processor type, should ensure it will run on the maximum number of Linux
systems. All that would then be required would be an exploit that gives
root access and/or a bit of social engineering.
As houghi said, you can do it with a simple bash script, it isn't rocket
sceince and it isn't platform dependent.
<snip sig>
[0] So far, the most common icons are used for JPEG or DOC, which are
assumed by most people to be safe.
[1] Which, even if you turn off, still hides some extensions used by
"executable" files. Showing these requires a registry hack, with all the
dire warnings that accompany such a procedure.
I assume when you are talking registry you are referring to Windows, as OS X
is Unix based, so I would assume it doesn't have a registry... In Windows
showing file extensions can be turned on with an option from the Explorer
window, Tools-Folder Options->View (Ansicht on my German Windows) and
uncheck the "Erweiterungen bei bekannten Dateitypen ausblenden" (Hide
extensions for known file types )
Dave
--
"I got to go figure," the tenant said. "We all got to figure. There's some
way to stop this. It's not like lightning or earthquakes. We've got a bad
thing made by men, and by God that's something we can change."
- The Grapes of Wrath, by John Steinbeck
.
- Follow-Ups:
- Re: Mac OS Trojan, will this affect Linux?
- From: houghi
- Re: Mac OS Trojan, will this affect Linux?
- References:
- Mac OS Trojan, will this affect Linux?
- From: piperut
- Re: Mac OS Trojan, will this affect Linux?
- From: houghi
- Re: Mac OS Trojan, will this affect Linux?
- From: piperut
- Re: Mac OS Trojan, will this affect Linux?
- From: houghi
- Re: Mac OS Trojan, will this affect Linux?
- From: Brian K
- Re: Mac OS Trojan, will this affect Linux?
- From: David Bolt
- Re: Mac OS Trojan, will this affect Linux?
- From: houghi
- Re: Mac OS Trojan, will this affect Linux?
- From: David Bolt
- Mac OS Trojan, will this affect Linux?
- Prev by Date: Re: Packages needed for a gnome desktop?
- Next by Date: KDE 3.5.1 update yesterays fixed logout crash
- Previous by thread: Re: Mac OS Trojan, will this affect Linux?
- Next by thread: Re: Mac OS Trojan, will this affect Linux?
- Index(es):
Relevant Pages
|
