Re: Which is better?

From: Robert Heller <heller@xxxxxxxxxxxx>
Date: Tue, 21 Mar 2006 05:18:48 +0100

The Natural Philosopher <a@xxx>,
In a message on Tue, 21 Mar 2006 00:51:44 +0000, wrote :

TNP> Robert Heller wrote:
TNP> > The Natural Philosopher <a@xxx>,
TNP> > In a message on Mon, 20 Mar 2006 11:22:49 +0000, wrote :
TNP> >
TNP> > TNP> (PeteCresswell) wrote:
TNP> > TNP> > Per Robert Heller:
TNP> > TNP> >> You don't need virus scanning if *all* the machines on the LAN are
TNP> > TNP> >> running Linux.
TNP> > TNP> >
TNP> > TNP> > Is that because of some inherent resistance in Linux or because people who write
TNP> > TNP> > viruses haven't turned their attention to Linux yet?
TNP> > TNP>
TNP> > TNP> The latter mainly.
TNP> > TNP>
TNP> > TNP> The first internet worm was written to attack a particular version of
TNP> > TNP> Sendmail running on VMS.
TNP> >
TNP> > The Morris Worm attacked Sendmail and finger on *SunOS*, not VMS! VMS
TNP> > was never affected AFAIK. And those versions of Sendmail and finger are
TNP> > long long gone.
TNP> >
TNP>
TNP> I think not. Check again.
TNP>
TNP> It may have been Unix, but it was definitely a DEC machine, not a sun.
TNP> that caught it first....

Might have been Ultrix or VAXBSD -- some *commercial* BSD flavored UNIX
(SunOS < 5 is BSD based). Wasn't VMS -- the Morris Worm attacked a bug
in sendmail and finger, both of which are UNIX programs and were not
used under VMS (at least not then). There was a buffer overflow in the
finger daemon (it used gets() and not fgets()) and some of the early
*commercial* UNIXes shipped with sendmail compiled with a debug flag
on, which provided a 'test mode' that allowed the Morris Worm a root
foothold.

TNP>
TNP> > TNP>
TNP> >
TNP> > Robert Heller -- 978-544-6933
TNP> > Deepwoods Software -- Linux Installation and Administration
TNP> > http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
TNP> > heller@xxxxxxxxxxxx -- Contract Programming: C/C++, Tcl/Tk
TNP> >
TNP> >
TNP> >
TNP> >
TNP> >
TNP> >
TNP> >
TNP>

Robert Heller -- 978-544-6933
Deepwoods Software -- Linux Installation and Administration
http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
heller@xxxxxxxxxxxx -- Contract Programming: C/C++, Tcl/Tk

.

Follow-Ups:
- Re: Which is better?
  - From: Jean-David Beyer

References:
- Re: Which is better?
  - From: (PeteCresswell)
- Which is better?
  - From: Better
- Re: Which is better?
  - From: ray
- Re: Which is better?
  - From: Robert Heller
- Re: Which is better?
  - From: (PeteCresswell)
- Re: Which is better?
  - From: The Natural Philosopher
- Re: Which is better?
  - From: Robert Heller

Prev by Date: transcode and mpeg2_accel
Next by Date: Re: Which is better?
Previous by thread: Re: Which is better?
Next by thread: Re: Which is better?
Index(es):
- Date
- Thread

Relevant Pages

Re: Which is better?
... TNP> Jean-David Beyer wrote: ... TNP>>> in sendmail and finger, both of which are UNIX programs and were not ... TNP>> back door into sendmail to permit testing. ... actually my understanding was that the used a buffer read command ...
(comp.os.linux.misc)
Re: Which is better?
... TNP> Jean-David Beyer wrote: ... TNP>>> in sendmail and finger, both of which are UNIX programs and were not ... TNP>> back door into sendmail to permit testing. ... actually my understanding was that the used a buffer read command ...
(comp.os.linux.misc)
Re: Which is better?
... TNP> Robert Heller wrote: ... TNP>> TNP> Sendmail running on VMS. ... By sending an abnormally long string to it in an email address, the stack was overwritten, and return from the function was then to a pre-empted code address. ... It only worked on a machine whose instruction set you knew - and whose memory locations you knew. ...
(comp.os.linux.misc)
Re: Which is better?
... TNP> Robert Heller wrote: ... TNP>> TNP> Sendmail running on VMS. ... recompiled, and someone forget to do that, so the back door was left open. ...
(comp.os.linux.misc)