[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040117095345.GA11111@pacific.net.au>
From: david at luyer.net (David Luyer)
Subject: Re: January 15 is Personal Firewall Day, help the cause
On Fri, Jan 16, 2004 at 01:57:15PM -0500, David F. Skoll wrote:
> On Fri, 16 Jan 2004, Exibar wrote:
>
> > Will any of these do? Will you still think you don't need AV on Linux now?
> > here's a partial list..... don't choke too hard now!
>
> Those are all proof-of-concept. I'm unaware of a single production
> Linux machine anywhere in the world succumbing to one of them. Perhaps
> you can provide evidence to the contrary?
>
> Furthermore, most of them are not self-propagating, but require active
> cooperation from the recipient.
>
> I do not need nor use AV on Linux.
But what about ye evil polymorphic .sig virus? To my knowledge it's the most
prolific virus to infect Linux users to date, see below for evidence of three
infections!
+== Begin quote: Gregory Maxwell on linux-kernel, 20 May 1999 ===
+
+ On Wed, 19 May 1999, Thomas Wouters wrote:
+ > > Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
+ >
+ > Excellent signature :-)
+ >
+ > --
+ > Thomas Wouters <thomas@...all.net>
+ >
+ > Hi! I'm a .signature virus! copy me into your .signature file to help me spread!
+
+ Wow! It's polymorphic!
+ --
+ Gregory Maxwell <gmaxwell@...tin.fl.us>
+
+ Hi! I'm a .signature virus! cp me into your .signature file to help me spread!
+
=== End quote ===
Seriously - while there are no prolific Linux "viruses", there is still a place
for "scanners" - eg. chkrootkit; it's also potentially useful to use something
to check your system hasn't accidentally ended up with eggdrops and other things
installed. The chance of a Linux "virus" propogating and remaining valid for
an extended period of time against updated systems may be extremely low, but
the chance of an uneducated user's Linux system with full net access getting
compromised is non-zero.
David.
--
Hi! I'm a .sig virus. Copy me into your .signature file to help me spread!
Powered by blists - more mailing lists