Linux Users' Group of Davis (LUGOD)
 
Page last updated:
2010 Jun 16 12:00

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Re: [vox] Linux IRC infection



It is very unlikely that a malware scanner would have caught this on Windows or on Linux.  It was a very simple backdoor that allowed arbitrary commands to be executed remotely, and it was in the source.  A malware scanner has no way to see intent.  If there were a bit of authentication wrapping it, it could have been a legit feature.

On Mon, Jun 14, 2010 at 03:52:10PM -0700, Darth Borehd darth.borehd-at-gmail.com |lugod| wrote:
> So does Linux need a malware scanner then?
> 
> On 14 June 2010 13:30, Bill Kendrick <nbs@sonic.net> wrote:
> 
> > On Mon, Jun 14, 2010 at 09:56:24AM -0700, Gandalf Parker wrote:
> > >
> > http://www.zdnet.com/blog/bott/linux-infection-proves-windows-malware-monopoly-is-over/2206?tag=nl.e539
> > >
> > > Although it's a bit of an "I told you so" article, it does support my general
> > > attitude that absolute statements should usually end with the word "yet".
> > > If I EVER said Linux didn't need to worry, I'm sure I added "doesn't need to
> > > worry, YET"
> > >
> > > It also supports my not-completely-trusting of automatic updating
> >
> > Nah, one has ALWAYS needed to worry.  The article is useless.
> > It sucks that the malware got into the Gentoo repos (but, based
> > on what little I understood of the 'update' pasted at the top of
> > the article), it sounds like it's really a matter of:
> >
> > (1) I want to install IRC server
> > (2) I'll get it from trusted source
> > (3) I'll IGNORE THE SAFEGUARDS to confirm that the copy at the source
> >    is actually TO BE TRUSTED
> > (4) OMGWTFPWNED
> >
> > Note that my opinion here is based solely on skimming the guy's ZDNet
> > article ("clickbait", as one of the commenters called it ... a kind of
> > "FUD-for-advertising-dollars"), and the (mostly lame) comments made
> > by users.
> >
> > --
> > -bill!
> > Sent from my computer
> > _______________________________________________
> > vox mailing list
> > vox@lists.lugod.org
> > http://lists.lugod.org/mailman/listinfo/vox
> >



