Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 3 Jun 2002 13:15:47 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 3 Jun 2002 13:15:45 -0400 Received: from chaos.analogic.com ([204.178.40.224]:10880 "EHLO chaos.analogic.com") by vger.kernel.org with ESMTP id ; Mon, 3 Jun 2002 13:15:38 -0400 Date: Mon, 3 Jun 2002 13:16:12 -0400 (EDT) From: "Richard B. Johnson" Reply-To: root@chaos.analogic.com To: Zack Brown cc: Linux Kernel Mailing List Subject: Re: [OT] Linux virus? In-Reply-To: <20020603155736.GA10504@renegade> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 3 Jun 2002, Zack Brown wrote: > Not really on topic for this list, but probably of interest to a lot of > people here. > > http://www.symantec.com/avcenter/venc/data/linux.simile.html > > -- > Zack Brown > - Symantec is in the business of selling "anti virus" software. In their "example", there is a cp_ini file owned by "guest". This is apparently on a system that allowed guest access so anybody could ftp a file called anything into that account. Just because it's ELF, it doesn't mean it's executable even though the executable bit is set. Even if it would delete everything on your hard disk, I would need to be executed from the root account. If somebody set up a system so root could upload a file using ftp, without a password and/or without in being on the local LAN, they get what they deserve. Also, when you access the symantec site, you end up getting one of those persistent "Casino on the Net" advertisements that won't go away without disconnecting the network wire. Therefore, Symantec contributes to virii themselves.... Also, if you use M$ Exploder, check your "history" after accessing this site. You may find that you just accessed a bunch of porno sites, according to the history. Cheers, Dick Johnson Penguin : Linux version 2.4.18 on an i686 machine (797.90 BogoMips). Windows-2000/Professional isn't. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/