LITTLEBLACKDOG.COM

Posted: Mon Feb 20, 2006 8:50 pm Post subject: Mac Worm

http://www.techworld.com/security/news/index.cfm?NewsID=5409

Posted: Mon Feb 20, 2006 11:24 pm Post subject: Re: Mac Worm

OhioArt2 wrote:
http://www.techworld.com/security/news/index.cfm?NewsID=5409

now there's somethign different

Posted: Tue Feb 21, 2006 12:32 am Post subject:

and so what? FUD from f-secure, exploiting last year's security hole. Note they say it was fixed in 10.4.1 and you have to be running Bluetooth in it's least secure mode, which requires conscious effort, plus bluetooth.

It's one for the DUH channel that worm writers and script kiddies will start trying to infect linux and OSX machines, since there are quite a lot of them. Rootkits aren't new, but they are pretty rare, especially when you firewall yourself and keep the software up to date.

And user education helps too. Personally if I hit a website and all of a sudden Software Update pops up asking for my root password, I'd certainly decline.

Posted: Tue Feb 21, 2006 2:27 am Post subject:

EdisonRex wrote:
and so what? FUD from f-secure, exploiting last year's security hole. Note they say it was fixed in 10.4.1 and you have to be running Bluetooth in it's least secure mode, which requires conscious effort, plus bluetooth.

It's one for the DUH channel that worm writers and script kiddies will start trying to infect linux and OSX machines, since there are quite a lot of them. Rootkits aren't new, but they are pretty rare, especially when you firewall yourself and keep the software up to date.

And user education helps too. Personally if I hit a website and all of a sudden Software Update pops up asking for my root password, I'd certainly decline.

makes sense. I see the same thing with awstats.pl and WEB-PHP exploits smashing the firewall 20 times a day. Amazing that there's still infected machines out there.

Guide Dog Joined: 08 Nov 2003 Posts: 8403 Location: MN

linx viruses scare me... mostly because there are so many versions and different code bases for things in linux... so many different ways to do the same thing... it would be hard to tell if you were vunerable to a certain virus... but for the same reason people will stay away from attacking such things... stick with the big contenders, hacks on ssh hacks on apache... ect... and if viruses do start comming to linux we just need to switch to bsd and stay one step ahead of the game... Smile

Posted: Tue Feb 21, 2006 8:13 am Post subject:

kind of hard to really do much damage on linux. unless it can sudo or run as root, even then it can be repaired pretty quickly. No registry to hide code in, etc.

Likewise so long as data is not received under system context from unknown and untrusted sources, ie everything stays in the design spec, there will be the occasional, highly trumpeted event, which invariably turns out to be a damp squib.

Guide Dog Joined: 08 Nov 2003 Posts: 8403 Location: MN

EdisonRex wrote:
kind of hard to really do much damage on linux. unless it can sudo or run as root, even then it can be repaired pretty quickly. No registry to hide code in, etc.

Likewise so long as data is not received under system context from unknown and untrusted sources, ie everything stays in the design spec, there will be the occasional, highly trumpeted event, which invariably turns out to be a damp squib.

oh but when you have root access to a machine it is so easy to remove access for every one else... wipe out so many things...

I don't know I just think that if a wide spread virus were to hit linux it'd be a bigg ol' mess really quick... though I don't think anything of blaster capacity will ever hit linux, it is a fear I live with.