Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Linux users warned of new Trojan danger

Hybrid View

  1. #1
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Linux users warned of new Trojan danger

    Security companies are warning Linux users over a new and dangerous Trojan that may have originated in the UK.

    The Trojan contains self-replicating virus-like capabilities and has similarities to the Windows-based Back Orifice tool, putting Linux boxes at risk of remote control.

    The so-called Remote Shell Trojan spreads through email as well as replicating itself across the infected system. It installs a backdoor which listens for incoming connections on UDP port 5503 or higher, and allows remote attackers to connect to, and take control of, an infected system.

    The Trojan is most dangerous if it is executed by a privileged user as it inherits the credentials of that user, effectively allowing it to take full control.

    Qualys, the security firm claiming to have discovered the worm, said: "Once a system is infected, the Remote Shell Trojan calls home to a UK-based website."

    The company explained that this would allow hackers to accumulate lists of infected servers which could be used "to construct chronic distributed denial of service attacks on specified targets".

    Qualys also warned that the size and scope of the Trojan could be massive. Over 58 per cent of websites worldwide currently use Apache servers for which Linux is the most popular platform.

    If the worm turns into an epidemic this gives it more potential for damage than Code Red, which affected Windows NT servers that account for just 25 per cent of website servers, according to Qualys.

    http://www.vnunet.com/News/1125288

  2. #2
    Mentor
    Join Date
    Jun 2001
    Posts
    1,672

    Re: Linux users warned of new Trojan danger

    This doesn't make any sense. What system administrator in the right mind would open an email attachment as a privileged user?

  3. #3
    Guest

    Re: Linux users warned of new Trojan danger

    Uhmm did you notice the date of the piece of 'news'? 07-09-2001... Haven't heard any serious damage reports since then.

  4. #4

    Re: Linux users warned of new Trojan danger

    It almost sounds like a hoax. There is no Outlook for Linux so it's a bit harder for email virii to flurish.

  5. #5
    Mentor
    Join Date
    May 2001
    Location
    New Jersey
    Posts
    1,473

    Re: Linux users warned of new Trojan danger

    it's probably something generated by Microsoft to start negative publicity for Linux.

    Why should microsoft be the only ones able to spread a virus??

  6. #6

    Re: Linux users warned of new Trojan danger


    Why should microsoft be the only ones able to spread a virus??
    Why not? they're trying to get a monopoly on everything else.

  7. #7

    Re: Linux users warned of new Trojan danger

    how on earth can you get a virus in Linux?

    don't people tell you 5 bazillion times, "DON'T USE THE INTERNET AS ROOT!!!"?

  8. #8

    Re: Linux users warned of new Trojan danger

    Lusers are stubborn and refuse to listen. I know a machead who installed linux and does everything in root...

    but, any experienced sysadmin who knows anything about anything is smart enough not to do this. The group of people who browse the internet as root and the group of people who run Apache won't overlap much, so I doubt this virus has has very little viability if it even exists at all. And yes, judging by the date the virus is either a hoax or a dud.

  9. #9
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Re: Linux users warned of new Trojan danger

    This piece of news is a little old but the virus is surfacing again. The first time around, the threat was dismissed due to that you need to be a previledged user to be able to write and open the attachment. So open sourced ( Linux Users in particular ) were dimissing it on /..

    But this time around, it's different. Many users (losers??) are running Linux with GUI mail clients capable of opening HTML mails and all that stuff. You will also be surprised that there are a whole lot of people surfing the net with Root account and they think that it's too much pain to log on with normal user and su to it.

    The other day, I was testing the CGI Bash translator on one of my friends' web server which he hosted on commercial web services provider. To my great surprised, there were 4 root log ons at tty*'s and one normal and one root log in at pts* ( so my guess is that the guy is remotely log in with user account but all of those who has physical access are logged in with root account ) : And it's freaking web server.

  10. #10
    Mentor coltrane's Avatar
    Join Date
    May 2001
    Location
    North Carolina
    Posts
    1,390

    Re: Linux users warned of new Trojan danger

    Ive conceded that Windows is better suited for lazy users who merely want to "click and drool". Linux users should know better than to run thier systems as root 100% of the time. I normally su to do anything i need to......I used to kill dhcpcd when I logged into root. But thats just me.


    To each his/her/Digital Froggy's own......


Similar Threads

  1. BackDoor-CVT Trojan
    By koala in forum Linux - Software, Applications & Programming
    Replies: 1
    Last Post: 09-18-2007, 12:17 PM
  2. Linux users warned over Firefox flaw
    By trickster in forum Linux - Software, Applications & Programming
    Replies: 3
    Last Post: 09-25-2005, 12:49 AM
  3. Replies: 10
    Last Post: 05-30-2004, 05:15 AM
  4. Trojan.Linux.JBellz
    By trickster in forum General Chat
    Replies: 2
    Last Post: 01-19-2003, 01:39 AM
  5. PHP exploit found!  DANGER!
    By Killer_Penguin in forum Linux - Hardware, Networking & Security
    Replies: 3
    Last Post: 02-27-2002, 03:42 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •