Massimo Morin wrote:
>
> Hi,
> sorry, perhaps I don't get it, or perhaps I'm not up to date with the
> "virus technology & OS" science but virus on Unices sounds VERY weird to
> me.
>
> As far as I know a virus (in the general sense of it) is a program that
> replicates itself, spreads itself around and at a certain point activates
> itself for doing some "action" (writing "Merry Christmas" and destroying
> your FS).

Au contraire. Writing an effective virus for Unix may be a bit more of a challenge than Windows, but the technology is there. To do serious damage to a Unix system, one needs to be root, but a not too sophisticated virus can do a lot of damage to an individual user.

Let's just take the case where the virus wants to become root. While in user mode, it might check the user's path, and then create a user mode sudo command. This "sudo" command would sit around until the user used the real sudo command. If the virus sudo was in the path before sudo, it could then appear to be like sudo, parse the command line, issue the password prompt, get the user's password, store the password somewhere, execute the real sudo and erase itself. Now we have the user's password squirreled away, so the virus can execute the sudo command itself (or even worse, su). Once it gains a way to get root privilege anything goes.

One of the oldest hacks around is to log into a terminal, install a login program. The login program simply collects passwords, and passes through the user.

Unix and Linux may require a bit more sophistication than a Windoz or Mac virus, but they do exist, and we shall be seeing more of them as people start running Linux on their desktops. While viruses, trojan horses and worms are related, they all are dangerous.
--
Jerry Feldman (HP On-Site Consultant) http://gbrweb.msd.ray.com/~gzf/
Raytheon Electronic Systems   (W) (781)999-1837/1-1837
Mail Stop: S3SG10             (F) (781)999-4030/1-4030
180 Hartwell Road             (W) gzf at gbr.msd.ray.com
Bedford, MA 01730-2498        (FWD:H+W) gaf at blu.org
Note: My views may not reflect the views of my employer.
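
Added example, not part of the original post: a defensive audit for the PATH-ordering weakness described in the message above, reporting PATH entries that are searched before the trusted copy of sudo, su or login and that someone other than root could write to. The watch list, the function names and the temporary directory layout in demo() are assumptions made for illustration.

```python
import os
import stat
import tempfile

WATCHED = ("sudo", "su", "login")  # commands named in the post (assumed watch list)

def untrusted(directory, trusted_uids=(0,)):
    """True if someone other than a trusted owner could place files here."""
    if not os.path.isabs(directory) or not os.path.isdir(directory):
        return True  # relative, empty or missing entries are treated as untrusted
    st = os.stat(directory)
    writable_by_others = bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
    return st.st_uid not in trusted_uids or writable_by_others

def audit_path(path_value, names=WATCHED, trusted_uids=(0,)):
    """Return (kind, name, directory) for untrusted PATH entries searched
    before the first trusted copy of each watched command."""
    dirs = path_value.split(os.pathsep)
    findings = []
    for name in names:
        def has(d):
            f = os.path.join(d or ".", name)
            return os.path.isfile(f) and os.access(f, os.X_OK)
        trusted = [d for d in dirs if has(d) and not untrusted(d, trusted_uids)]
        if not trusted:
            continue  # no trusted copy on PATH, so there is nothing to compare against
        for d in dirs[:dirs.index(trusted[0])]:
            if untrusted(d, trusted_uids):
                findings.append(("shadowed" if has(d) else "plantable", name, d))
    return findings

def demo():
    """Constructed layout: a world-writable dir and a 'system' dir, both holding sudo."""
    root = tempfile.mkdtemp()
    user_bin, sys_bin = os.path.join(root, "home_bin"), os.path.join(root, "usr_bin")
    for d, mode in ((user_bin, 0o777), (sys_bin, 0o755)):
        os.mkdir(d)
        os.chmod(d, mode)
        stub = os.path.join(d, "sudo")
        with open(stub, "w") as fh:
            fh.write("#!/bin/sh\nexit 0\n")  # harmless placeholder file
        os.chmod(stub, 0o755)
    owner = (os.getuid(),)  # stands in for root as owner of the "system" dir
    bad = audit_path(user_bin + os.pathsep + sys_bin, ("sudo",), owner)
    good = audit_path(sys_bin + os.pathsep + user_bin, ("sudo",), owner)
    return bad, good, user_bin

if __name__ == "__main__":
    print(demo())
```

On a real host, call audit_path(os.environ["PATH"]) with the default trusted owner of uid 0; a "shadowed" finding means a copy already sits ahead of the system binary, while "plantable" means one could be placed there.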