| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: david at luyer.net (David Luyer) Subject: Re: January 15 is Personal Firewall Day, help the cause On Fri, Jan 16, 2004 at 01:57:15PM -0500, David F. Skoll wrote: > On Fri, 16 Jan 2004, Exibar wrote: > > > Will any of these do? Will you still think you don't need AV on Linux now? > > here's a partial list..... don't choke too hard now! > > Those are all proof-of-concept. I'm unaware of a single production > Linux machine anywhere in the world succumbing to one of them. Perhaps > you can provide evidence to the contrary? > > Furthermore, most of them are not self-propagating, but require active > cooperation from the recipient. > > I do not need nor use AV on Linux. But what about ye evil polymorphic .sig virus? To my knowledge it's the most prolific virus to infect Linux users to date, see below for evidence of three infections! +== Begin quote: Gregory Maxwell on linux-kernel, 20 May 1999 === + + On Wed, 19 May 1999, Thomas Wouters wrote: + > > Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread! + > + > Excellent signature :-) + > + > -- + > Thomas Wouters <thomas@...all.net> + > + > Hi! I'm a .signature virus! copy me into your .signature file to help me spread! + + Wow! It's polymorphic! + -- + Gregory Maxwell <gmaxwell@...tin.fl.us> + + Hi! I'm a .signature virus! cp me into your .signature file to help me spread! + === End quote === Seriously - while there are no prolific Linux "viruses", there is still a place for "scanners" - eg. chkrootkit; it's also potentially useful to use something to check your system hasn't accidentally ended up with eggdrops and other things installed. The chance of a Linux "virus" propogating and remaining valid for an extended period of time against updated systems may be extremely low, but the chance of an uneducated user's Linux system with full net access getting compromised is non-zero. David. -- Hi! I'm a .sig virus. Copy me into your .signature file to help me spread!
Powered by blists - more mailing lists