[Wolves] {Dangerous Filename?} Hi
sparkes
sparkes at phreaker.net
Fri Jan 30 22:31:29 GMT 2004
On Fri, 2004-01-30 at 21:00, David Goodwin wrote:
> >
> > can I assume that wherever this email came from it
> > will not affect my pc? I don't have windows anymore???
> >
> > Mo
> >
>
>
> yes.. don't panic... it's something *only* windows computers suffer from.
;-) normally true
>
> I've yet to hear of a virus for linux.
it depends on how you use the term virus. Most windows viruses are worms with elements of a trojan sometimes to get the user to up the privalages, such as opening a file in the unprotected my computer zone.
The same sorts of things are possible in linux.
The first linux virus in the wild was bliss
http://math-www.uni-paderborn.de/~axel/bliss/
There have been a few more found since but the monoculture of windows
and the totally insecure default settings on windows compared with the
diverse unixlike world makes the spread of viruses far less easy. It is
still possible to write a worm that uses unpatched old network software
in the same way that many windows virii are outlook worms. But there
would be far less, for example, unpatched mail servers than unpatched
outlooks several months after an exploit has been found becuase open
source software leads to a higher number of upgrades. It's free (as in
beer) so we upgrade, MS Windows is so unsecure so long after patches
becuase windows users are shit scared uncle billy will sue them for
having a dodgy copy of word.
if anyone wants an overview on writing a virus for linux try
http://www.lwfug.org/~abartoli/virus-writing-HOWTO/_html/
for a full run down on how the traditional parasitic virus (well the
only real virus) could be written for elf binaries. Run one of the
buggers (perhaps in a trojan horse) and every binary you have access to
would become infected. You could use this to learn how to write virii
for other executable formats.
not too much imagination is needed to see how you could write an elf
binary infector and hide in it a cool new toy. Send target new toy.
Target likes toy and keeps it and one day when bored runs it as root.
Toy infects ssh, the syslogger, and any ids and calls you up at a
prearranged hotmail account to say come and play with me ;-)
Still the good security measures and user groups protect us a lot more
than windows users so we don't have to worry, plus we can be pretty sure
that one of us infected wouldn't infect the rest of us. This is why
nobody is writing and releasing tons of linux worms, they don't make the
6 o'clock news ;-)
>
> David.
sparkes
PS. In the interests of openess I have just explained how to find the
infomation to write a virus that could infect some unixlike machines and
how it could be used to 0wn bunches of boxes then I might as well tell
you the password to virus creation lab. For all the none gibson fans
it's 'chibacity' ;-) now don't go and write a hundred DOS virii tonight
boys
More information about the Wolves
mailing list