On Sun, 2005-11-27 at 06:24 -0500, Edward J. Shornock wrote: > On Thu, Nov 24, 2005 at 08:56:58AM -0500, Jude DaShiell wrote: [snip] > > Unless something has changed _very_ recently, there shouldn't be *any* > spyware that can infect Linux systems as happens in the world of > Windows...
Rootkits and worms come immediately to mind. What's to stop such malware (which, if it exploits the "right" bug), from installing a keylogger (since, remember it's a *root* kit), and sending everything someone types thru port 80 to some site in Romania? Or grabbing your /etc/shadow, and doing a dictionary attack to get root and user passwords so as to log in via ssh, and do mischief? Daemon minimalism, firewall maximalism & strong passwords are the sine qua non of security, but you're still vulnerable, especially if you then do something stupid like turn around and run old, buggy versions of PHP, libc6, etc, etc. -- ----------------------------------------------------------------- Ron Johnson, Jr. Jefferson, LA USA "That doctrine of peace at any price has done more mischief than any I can well recall that have been afloat in this country. It has occasioned more wars than any of the most ruthless conquerors. It has disturbed and nearly destroyed that political equilibrium so necessary to the liberties and the welfare of the world." Benjamin Disraeli -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
