http://www.securityfocus.com/ there's a link on the main page regarding
latest linux worm
and
http://www.sans.org/y2k/adore.htm
-thx, robt
Shawn Garbett wrote:
>
> Whoops, using a Microsoft Windows box with Netscape here at work,
> ugh. Had to fight the @[EMAIL PROTECTED] box just to give me
On Sun, Apr 01, 2001 at 09:23:33AM +, hzi wrote:
> When you use wvdial, you read e-mail as root, don't you? Wvdial is probably
> the most common way to set up a ppp conection, since it's suggested in the
> Debian docuemtntaion.
> So I guess my question would be how to use wvdial and still re
> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes:
Ethan> sudo with an ALL=ALL entry is just as dangerous (more so
Ethan> IMO, because it turns user passwords into multiple root
Ethan> passwords) then su.
Hopefully one day you will be able to something like this:
Obtain a Kerb
On Sat, Mar 31, 2001 at 11:06:31PM -0800, Karsten M. Self wrote:
> on Sat, Mar 31, 2001 at 08:45:25AM -0600, John Hasler ([EMAIL PROTECTED])
> wrote:
> > Ethan Benson writes:
> > > cat <> ~/.bashrc
> > > alias su='su -c ~/.virus'
> > > EOF
> >
> > su might benefit from a configuration file that s
on Sat, Mar 31, 2001 at 08:45:25AM -0600, John Hasler ([EMAIL PROTECTED]) wrote:
> Ethan Benson writes:
> > cat <> ~/.bashrc
> > alias su='su -c ~/.virus'
> > EOF
>
> su might benefit from a configuration file that sets the permissable path
> for -c.
>
> Another possible fix might be for bash to
On Sat, Mar 31, 2001 at 05:54:07PM -0600, John Hasler wrote:
> Ethan Benson writes:
> > cat <> ~/.bashrc
> > export PATH="$HOME/.evil:${PATH}"
> > EOF
>
> > and put a bogus su shell script in ~/.evil
>
> chmod a-w ~/.bashrc ~/.bash_profile
>
> .bashrc and .bash_profile should be read-only by def
Ethan Benson writes:
> cat <> ~/.bashrc
> export PATH="$HOME/.evil:${PATH}"
> EOF
> and put a bogus su shell script in ~/.evil
chmod a-w ~/.bashrc ~/.bash_profile
.bashrc and .bash_profile should be read-only by default, IMHO.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
El
hzi writes:
> When you use wvdial, you read e-mail as root, don't you?
I can't think of any reason why that follows.
> Wvdial is probably the most common way to set up a ppp conection, since
> it's suggested in the Debian docuemtntaion.
Which documentation is that?
--
John Hasler
[EMAIL PROTECT
hzi wrote:
>
> Hi-
>
> When you use wvdial, you read e-mail as root, don't you? Wvdial is probably
> the most common way to set up a ppp conection, since it's suggested in the
> Debian docuemtntaion.
>
> So I guess my question would be how to use wvdial and still remain safe from
> "virus".
Hi-
When you use wvdial, you read e-mail as root, don't you? Wvdial is probably the
most common way to set up a ppp conection, since it's suggested in the Debian
docuemtntaion.
So I guess my question would be how to use wvdial and still remain safe from
"virus".
Thank you,
On Sat, Mar 31, 2001 at 08:45:25AM -0600, John Hasler wrote:
> Ethan Benson writes:
> > cat <> ~/.bashrc
> > alias su='su -c ~/.virus'
> > EOF
>
> su might benefit from a configuration file that sets the permissable path
> for -c.
interesting idea, somewhat similar to sudo, though i think sudo's
on Sat, Mar 31, 2001 at 07:40:45PM +0200, Roberto Diaz ([EMAIL PROTECTED])
wrote:
> > Like every so-called Linux virus, it requires the user to behave stupidly
> > - it's really a trojan horse. It has the same permission rules as any
> > other program, so it can't change root-owned files, unless
Roberto writes:
> What chances do we have to get a virus from a malicious .deb package
> someone had leak into debian.org?
It would have to acquire the signature of a Debian developer to get into
unstable, remain dormant for at least two weeks to get into testing, and
lie dormant there until the n
> Like every so-called Linux virus, it requires the user to behave stupidly
> - it's really a trojan horse. It has the same permission rules as any
> other program, so it can't change root-owned files, unless they are
> world-writable or you are running as root.
> The thing that's special about it
Ethan Benson writes:
> cat <> ~/.bashrc
> alias su='su -c ~/.virus'
> EOF
su might benefit from a configuration file that sets the permissable path
for -c.
Another possible fix might be for bash to somehow detect "gain-root"
commands and refuse to alias them.
--
John Hasler
[EMAIL PROTECTED]
Dan
On Fri, Mar 30, 2001 at 05:46:19PM -0800, Karsten M. Self wrote:
>
> Hmm...dual-booting considered harmful. Interesting.
>
> Short version being that relying on OS filesystem protections to keep
> you from mangling your system files is an invalid assumption if:
>
> - You're booting multiple
On Fri, Mar 30, 2001 at 05:54:25PM -0800, Karsten M. Self wrote:
> on Wed, Mar 28, 2001 at 10:53:33PM -0500, William T Wilson ([EMAIL
> PROTECTED]) wrote:
> > On Thu, 29 Mar 2001, Mark Devin wrote:
> >
> > > Surely this virus cannot overwrite executables that require root
> > > permission? Or can
on Wed, Mar 28, 2001 at 10:53:33PM -0500, William T Wilson ([EMAIL PROTECTED])
wrote:
> On Thu, 29 Mar 2001, Mark Devin wrote:
>
> > Surely this virus cannot overwrite executables that require root
> > permission? Or can it?
>
> Like every so-called Linux virus, it requires the user to behave st
on Wed, Mar 28, 2001 at 07:11:00PM -0900, Ethan Benson ([EMAIL PROTECTED])
wrote:
> On Wed, Mar 28, 2001 at 10:53:33PM -0500, William T Wilson wrote:
> > On Thu, 29 Mar 2001, Mark Devin wrote:
<...>
> > The thing that's special about it is that it can infect both Windows and
> > Linux executable
On Wed, Mar 28, 2001 at 10:19:10PM -0500, Ben Collins wrote:
> Anyone can do that. I can write a C program and send it to you that
> emails me /etc/passwd and /etc/shadow. You still have to be dumb enough
> to execute it. That's not a virus, that's social trickery. Now, if it
> emails itself (and r
This article might point out some things
http://www.theregister.co.uk/content/8/17938.html
-Original Message-
From: John Griffiths [mailto:[EMAIL PROTECTED]
Sent: donderdag 29 maart 2001 5:08
To: Ben Collins
Cc: Mark Devin; Debian-user
Subject: Re: Linux Virus
At 10:00 PM 3/28/2001
On Wed, Mar 28, 2001 at 10:43:12PM -0500, Ben Collins wrote:
> Arguably, there is less of a chance of that under Linux. Most people who
> use Windows (like 99.9%) use either Outlook, Eudora or Netscape for
> email. On Linux, the numbers cannot be used against it. If you target a
> Linux virus for P
Well... remember that most of the recent Melissa style worms are slapped
together with Visual Basic... Not a great risk that ext2 support will
show up :-)
--Rich
...and the paperclip winked at me and said: "It looks like you're
writing a macro virus... Would you like help?"
(another stolen .sig)
On Wed, Mar 28, 2001 at 10:53:33PM -0500, William T Wilson wrote:
> On Thu, 29 Mar 2001, Mark Devin wrote:
>
> > Surely this virus cannot overwrite executables that require root
> > permission? Or can it?
>
> Like every so-called Linux virus, it requires the user to behave stupidly
> - it's reall
On Thu, 29 Mar 2001, Mark Devin wrote:
> Surely this virus cannot overwrite executables that require root
> permission? Or can it?
Like every so-called Linux virus, it requires the user to behave stupidly
- it's really a trojan horse. It has the same permission rules as any
other program, so it
On Thu, Mar 29, 2001 at 01:33:30PM +1000, John Griffiths wrote:
> t 10:29 PM 3/28/2001 -0500, Ben Collins wrote:
> >On Thu, Mar 29, 2001 at 01:26:39PM +1000, John Griffiths wrote:
> >> >IMO, this is nothing completely new or innovative. ASM has been around a
> >> >long time, even before viruses. It
t 10:29 PM 3/28/2001 -0500, Ben Collins wrote:
>On Thu, Mar 29, 2001 at 01:26:39PM +1000, John Griffiths wrote:
>> >IMO, this is nothing completely new or innovative. ASM has been around a
>> >long time, even before viruses. It all boils down to people being smart
>> >enough not to accept attachmen
On Thu, Mar 29, 2001 at 01:26:39PM +1000, John Griffiths wrote:
> >IMO, this is nothing completely new or innovative. ASM has been around a
> >long time, even before viruses. It all boils down to people being smart
> >enough not to accept attachments form people they don't know, and
> >especially d
>IMO, this is nothing completely new or innovative. ASM has been around a
>long time, even before viruses. It all boils down to people being smart
>enough not to accept attachments form people they don't know, and
>especially don't execute programs sent to you randomly over the
>internet.
Agreed u
On Thu, Mar 29, 2001 at 01:07:49PM +1000, John Griffiths wrote:
> At 10:00 PM 3/28/2001 -0500, Ben Collins wrote:
> >On Thu, Mar 29, 2001 at 12:55:16PM +1000, Mark Devin wrote:
> >> Does anyone know anything further on this new W32.Winux virus.
> >> Check out this link:
> >> http://news.cnet.com/ne
At 10:00 PM 3/28/2001 -0500, Ben Collins wrote:
>On Thu, Mar 29, 2001 at 12:55:16PM +1000, Mark Devin wrote:
>> Does anyone know anything further on this new W32.Winux virus.
>> Check out this link:
>> http://news.cnet.com/news/0-1003-200-5329436.html?tag=st.cn.1.lthd
>>
>> Surely this virus canno
On Thu, Mar 29, 2001 at 12:55:16PM +1000, Mark Devin wrote:
> Does anyone know anything further on this new W32.Winux virus.
> Check out this link:
> http://news.cnet.com/news/0-1003-200-5329436.html?tag=st.cn.1.lthd
>
> Surely this virus cannot overwrite executables that require root
> permission
32 matches
Mail list logo
