At Wed, 03 Jan 2001 11:39:10 -0600, John Travis wrote: > > I know this is a little OT but this is about the only forum where I > provide the email address that the message in question was received from. > And besides, you gurus should be able to straighten this out :-). I just > got an email (not at this address) warning of a GNU/Linux virus named LinX > that is _supposedly_ going to destroy my shadow password file next month. > It contained an executable that was supposed to scour your computer and > determine if you were infected. But upon looking at it in an editor > certain things just look bad. It looks like it starts a file with the > contents of ls, then cats your passowrd files on, then tries to initiate a > net connection and sendmail the file to an address at yahoo.com? Now I've > been up for a *long* time, so maybe I'm just being paranoid. I know the > files would be encypted anyway, just curious. So has anyone else heard of > this would be virus? >
More accurately, you could call it a trojan horse. Sending your password file out by mail is never a good idea. Even though it is encrypted, having a copy of it would give a potential attacker all the time he or she needs to crack it with a brute force approach. Why can't the skr1p7k1dd13z (sp?) stay on Microsoft turf? > TIA, > > jt > > time to sleep... g'night, j
