Security companies are warning Linux users over a new and dangerous Trojan that may have originated in the UK.
The Trojan contains self-replicating virus-like capabilities and has similarities to the Windows-based Back Orifice tool, putting Linux boxes at risk of remote control.
The so-called Remote Shell Trojan spreads through email as well as replicating itself across the infected system. It installs a backdoor which listens for incoming connections on UDP port 5503 or higher, and allows remote attackers to connect to, and take control of, an infected system.
The Trojan is most dangerous if it is executed by a privileged user as it inherits the credentials of that user, effectively allowing it to take full control.
Qualys, the security firm claiming to have discovered the worm, said: "Once a system is infected, the Remote Shell Trojan calls home to a UK-based website."
The company explained that this would allow hackers to accumulate lists of infected servers which could be used "to construct chronic distributed denial of service attacks on specified targets".
Qualys also warned that the size and scope of the Trojan could be massive. Over 58 per cent of websites worldwide currently use Apache servers for which Linux is the most popular platform.
If the worm turns into an epidemic this gives it more potential for damage than Code Red, which affected Windows NT servers that account for just 25 per cent of website servers, according to Qualys.
http://www.vnunet.com/News/1125288
This doesn't make any sense. What system administrator in the right mind would open an email attachment as a privileged user?
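An added example, not part of the original thread or the quoted article: one way to check a Linux host for the behaviour the article describes is to list unconnected UDP sockets bound at port 5503 or higher and note which are owned by root. The sample table is constructed, and the function name, the threshold constant and the little-endian address decoding are assumptions of this sketch.

```python
import socket

MIN_PORT = 5503  # lowest backdoor port named in the article quoted above

# Constructed sample in /proc/net/udp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20111 2 0000000000000000 0
  102: 00000000:157F 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20456 2 0000000000000000 0
  103: 0100007F:1580 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 20789 2 0000000000000000 0
  104: 0A00000A:D431 0101A8C0:0035 01 00000000:00000000 00:00000000 00000000  1000        0 20999 2 0000000000000000 0
"""


def udp_listeners(proc_net_udp, min_port=MIN_PORT):
    """Return unconnected IPv4 UDP sockets bound at or above min_port."""
    found = []
    for line in proc_net_udp.splitlines()[1:]:   # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue
        local, remote = fields[1], fields[2]
        uid, inode = int(fields[7]), fields[9]
        if remote != "00000000:0000":            # connected socket, not a listener
            continue
        addr_hex, port_hex = local.split(":")
        port = int(port_hex, 16)                 # port is plain big-endian hex
        if port < min_port:
            continue
        # Assumption: little-endian host, so the address bytes are stored reversed.
        ip = socket.inet_ntoa(bytes.fromhex(addr_hex)[::-1])
        found.append({"ip": ip, "port": port, "uid": uid,
                      "inode": inode, "root_owned": uid == 0})
    return found


if __name__ == "__main__":
    for s in udp_listeners(SAMPLE):
        mark = "REVIEW (root-owned)" if s["root_owned"] else "note"
        print(f'{mark}: udp {s["ip"]}:{s["port"]} uid={s["uid"]} inode={s["inode"]}')
```

On a live host, pass the contents of `/proc/net/udp` instead of `SAMPLE`. A hit is only a lead to review, since many legitimate services bind high UDP ports; the inode can be matched against `/proc/<pid>/fd` to identify the owning process.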
Uhmm did you notice the date of the piece of 'news'? 07-09-2001... Haven't heard any serious damage reports since then.
It almost sounds like a hoax. There is no Outlook for Linux so it's a bit harder for email virii to flourish.
It's probably something generated by Microsoft to start negative publicity for Linux.
Why should Microsoft be the only ones able to spread a virus??
Why not? They're trying to get a monopoly on everything else.
How on earth can you get a virus in Linux?
Don't people tell you 5 bazillion times, "DON'T USE THE INTERNET AS ROOT!!!"?
Lusers are stubborn and refuse to listen. I know a machead who installed Linux and does everything in root...
But any experienced sysadmin who knows anything about anything is smart enough not to do this. The group of people who browse the internet as root and the group of people who run Apache won't overlap much, so I doubt this virus has very little viability if it even exists at all. And yes, judging by the date the virus is either a hoax or a dud.
This piece of news is a little old but the virus is surfacing again. The first time around, the threat was dismissed because you need to be a privileged user to be able to write and open the attachment. So open source users (Linux users in particular) were dismissing it on /..
But this time around, it's different. Many users (losers??) are running Linux with GUI mail clients capable of opening HTML mails and all that stuff. You will also be surprised that there are a whole lot of people surfing the net with the root account, and they think that it's too much pain to log on as a normal user and su to it.
The other day, I was testing the CGI Bash translator on one of my friends' web servers, which he hosted on a commercial web services provider. To my great surprise, there were 4 root logons at tty*'s and one normal and one root login at pts* (so my guess is that the guy is remotely logged in with a user account but all of those who have physical access are logged in with the root account). And it's a freaking web server.
I've conceded that Windows is better suited for lazy users who merely want to "click and drool". Linux users should know better than to run their systems as root 100% of the time. I normally su to do anything I need to... I used to kill dhcpcd when I logged into root. But that's just me.
To each his/her/Digital Froggy's own......