Re: Viruses and Linux

From: J.O. Aho (user_at_example.net)
Date: 01/18/04 

Date: Sun, 18 Jan 2004 14:42:22 +0100

MikeyD wrote:

> No, I'm expecting an email client that can open/execute things with one
> click. It *is* a useful feature, and sooner or later there will be enough
> users that want it that it will be enabled as standard in a default
> installation of red hat or mandrake or whatever distro has the most of that
> kind of user.

There are a difference between *nix systems and microsoft windows, as long as
you would happen to run one of those "scripts", you will most likely limit the
damage to the user in questions homedirectory vs a microsoft windows user will
affect his whole system. I know that newbies usually seem to login in as root
and use the system that way, but they will learn the hardway to not be root.

There are more differences, in the *nix community we still do by default
restrict what can be done contra microsoft who by default see to that
everything can be done.

So the one who writes say an Evolution script, this scriptwriter, if he wants
to get system access will need to know a lot of possible flaws in software
that be in different programs/applications and so on, which would make the
script quite large and quite "random" if it will work or not on the system
where the "virus" is sent. Next you need to get the virus to the next machine,
for this you need to access the addressbook in a simple way like in OE and
then get the virus to send the mail too, I don't see this impossible, but a
bit though to do.

I don't see that virus makers would target single users on *nix like system,
they tend to want to make more havoc and affect the system itself like
backdoors and the possible to run services and so on, then it's a lot better
to target at server programs.

  //Aho

Relevant Pages

  • [NT] Heap Overflow in Windows Script Engine
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Script Engine Could Allow Code Execution, ... * Microsoft Windows 98 Second Edition ... Outlook Express, remote attackers can exploit an integer overflow within ...
    (Securiteam)
  • Re: Vancouver is best place to live
    ... write virus programs for them. ... The execution path ... in binary executables is different on *nix so you can't just slap a virus ... The problem winders has had, so far, is ineffective security protection. ...
    (soc.culture.scottish)
  • Re: Vancouver is best place to live
    ... Surely that comes as no surprise? ... Had to reload windows and every other bit of software I've added in the last year including 10 months worth of virus updates - you know the story. ... in binary executables is different on *nix so you can't just slap a virus onto the end of a legitimate application and expect it to run when the legit application is called. ... Also, even if you could pull this off, it wouldn't run in root space so it wouldn't affect the OS or restart at boot time, it also couldn't affect the boot sector. ...
    (soc.culture.scottish)
  • Re: Vancouver is best place to live
    ... Surely that comes as no surprise? ... Had to reload windows and every other bit of software I've added in the last year including 10 months worth of virus updates - you know the story. ... The execution path in binary executables is different on *nix so you can't just slap a virus onto the end of a legitimate application and expect it to run when the legit application is called. ...
    (soc.culture.scottish)
  • Re: Ghost icon on server
    ... dealing with *nix hidden dot files if you try to rename it ... Create a script Perl/PHP/Shell script to rename the folder as ... file manager script, fit it there... ... and proving more bothersome than I want to appea. ...
    (alt.html)