Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Worm bait?



On Wed, 20 Aug 2003, Derek Martin wrote:

> On Wed, Aug 20, 2003 at 11:14:07AM -0400, Jerry Feldman wrote:
> > Derek,
> > While I agree that Outlook and Outlook Express is crap, but I disagree
> > with your premise. The reason that "Outlook is so aggressively targeted"
> > is that it is the most widely installed email program. If Eudora Pro had
> > as wide a distribution as the Outlook family, it would be targeted. 
> > Additionally, the W32.Sobig.F at mm does not target Outlook. If actually
> > looks for email addresses in files. 
> 
> This theory does nothing to explain why IIS is the most attacked web
> server.  It is NOT the most widely installed web server.  I conclude
> that there is something else at work here.

Perhaps it makes more sense if you think of it in a Product/OS
combination. Compare the number of IIS on Windows servers versus Apache on
Solaris, Apache on Redhat, Apache on Debian, Apache on IRIX, etc.

Even if Apache had a published vulnerability, writing a worm that works 
effectively on any system that Apache runs on it is a lot more difficult 
than writing for one specific system type.  Even with different linux 
distributions you're going to end up with programs in different 
locations and various other small incompatabilities.

--
Greg





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org