Ref: Nimda - virus for linux
-
"My Os is better than yours" My country's better than your country. ;P Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
There is one worm for Unix (including linux), that takes advantage of a buffer overrun in telnetd. It is said that this bug is there in BSD Unix, Linux, Solaris etc. But, the news item quotes some anti-virus company spokesman saying that it did not spread effectively due to a 'possible bug' in the virus. I have not yet seen anyone providing patches for this telnetd problem. I do not use Linux, but was curious to know how fast companies respond to this. I do not see any downloads or fixes in RedHat or Linux Mandrake sites. Evangelizing Linux or Unix as invinsible is not the solution. All OSs have bugs. An AMD representative when asked about not taking advantage of the PIII floating point bug had said - "People living in glasshouses do not throw stones at each other". That is probably why Sun, IBM, HP, Linux companies are quiet about this issue and not trying to take advantage by projecting themselves as "virus-proof". Finally, Windows, Linux or Solaris, all computing community has to condemn all virus attacks, that are more than a 'proof of concept' and inflict damage. It is another form of terrorism. I hope sense returns and no one considers a virus attack as an 'opportunity' to promote one OS above other. -Thomas
The telnetd bug has been known since late July, and most major distributions released fixes in early August. See LWN security page, under "Multiple vendor telnetd vulnerability".
-
At least our toilets flush in the right direction!!! Tim Smith Descartes Systems Sciences, Inc.
They do not!! I've been to the US and the water goes down the toilet and the plug holes in completely the wrong direction. ;) Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
The telnetd bug has been known since late July, and most major distributions released fixes in early August. See LWN security page, under "Multiple vendor telnetd vulnerability".
Acording to the text: The bug was reported in July, 26. Dates when distributions were fixed: Suse - Aug, 3 Slackware - Aug, 9 Red Hat - Aug, 9 Yellow Dog - Aug, 10 Debian - Aug, 14 Conectiva - Aug, 24 Wow! Now, THAT'S fast! A week for the fastest fix! 6 days more for the second! Now, imagine if this bug was found in Windows and Microsoft took almost a month to fix it, like Conectiva did... What the linux fanatics would say ? PS: Here, in Brazil, Conectiva is the most used Linux distribution. It's Red Hat based, so, why 15 days for the fix if Linux comunity is so commited to security ? We may be humans, but we're still animals...
-
There is one worm for Unix (including linux), that takes advantage of a buffer overrun in telnetd. It is said that this bug is there in BSD Unix, Linux, Solaris etc. But, the news item quotes some anti-virus company spokesman saying that it did not spread effectively due to a 'possible bug' in the virus. I have not yet seen anyone providing patches for this telnetd problem. I do not use Linux, but was curious to know how fast companies respond to this. I do not see any downloads or fixes in RedHat or Linux Mandrake sites. Evangelizing Linux or Unix as invinsible is not the solution. All OSs have bugs. An AMD representative when asked about not taking advantage of the PIII floating point bug had said - "People living in glasshouses do not throw stones at each other". That is probably why Sun, IBM, HP, Linux companies are quiet about this issue and not trying to take advantage by projecting themselves as "virus-proof". Finally, Windows, Linux or Solaris, all computing community has to condemn all virus attacks, that are more than a 'proof of concept' and inflict damage. It is another form of terrorism. I hope sense returns and no one considers a virus attack as an 'opportunity' to promote one OS above other. -Thomas
If your running a telnet daemon then your looking for trouble... Plain text passwords... Not very security conscious... Try running SSH instead ! Long live encryption !!! :)
-
"My Os is better than yours" My country's better than your country. ;P Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
hehehe :rolleyes: Guess what? I really don't care! ;P We all live on the same planet, so who cares which country we're in? I certainly don't... :-D Andy Metcalfe - Sonardyne International Ltd
(andy.metcalfe@lineone.net)
http://www.resorg.co.uk"Be yourself, not what others want you to be." - Me
"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past...) -
At least our toilets flush in the right direction!!! Tim Smith Descartes Systems Sciences, Inc.
I've always wondered, in the northern hemisphere toilets flush clockwise, and in the south the flush counterclockwise. Do they flush straight down at the equator:confused: Do they go alternate back and forth:confused: or what:confused: ;P ;P ;P --- Better to be silent and thought the fool, than to open your mouth and prove it!
-
I've always wondered, in the northern hemisphere toilets flush clockwise, and in the south the flush counterclockwise. Do they flush straight down at the equator:confused: Do they go alternate back and forth:confused: or what:confused: ;P ;P ;P --- Better to be silent and thought the fool, than to open your mouth and prove it!
Interesting question. I'm curious too. Does anyone even know if there's a toilet right on the equator, though? ;P John
-
hehehe :rolleyes: Guess what? I really don't care! ;P We all live on the same planet, so who cares which country we're in? I certainly don't... :-D Andy Metcalfe - Sonardyne International Ltd
(andy.metcalfe@lineone.net)
http://www.resorg.co.uk"Be yourself, not what others want you to be." - Me
"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past...)hehehe :rolleyes: Guess what? I really don't care! ;P Yeah you do. You all want to live in Australia and we all want you to bring your greenbacks and pound sterling here to prop up our Australian Peso. :-D Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
Acording to the text: The bug was reported in July, 26. Dates when distributions were fixed: Suse - Aug, 3 Slackware - Aug, 9 Red Hat - Aug, 9 Yellow Dog - Aug, 10 Debian - Aug, 14 Conectiva - Aug, 24 Wow! Now, THAT'S fast! A week for the fastest fix! 6 days more for the second! Now, imagine if this bug was found in Windows and Microsoft took almost a month to fix it, like Conectiva did... What the linux fanatics would say ? PS: Here, in Brazil, Conectiva is the most used Linux distribution. It's Red Hat based, so, why 15 days for the fix if Linux comunity is so commited to security ? We may be humans, but we're still animals...
The telnetd bug in particular was bit of a non issue for serious linux servers since any decent unix admin won't run the beast anyhow due to it's well know security flaws (plan text passwd mainly) and ssh is trivial to use in it's place. Some time ago I read a technical description about why a virus would always have a harder time spreading under linux than say windows, however I can't find that article now. However a quick google search reveals some similar material: http://www.linuxgazette.com/issue48/tag/7.html And a bit of BOFH humor on the subject from that literary treasure* of a site: http://www.theregister.co.uk/content/30/13467.html "Sadly, the boss slams the cover on the server before I can repeat the demonstration, which just goes to show you can teach an old dog to be afraid. Very afraid... " ;)
-
hehehe :rolleyes: Guess what? I really don't care! ;P Yeah you do. You all want to live in Australia and we all want you to bring your greenbacks and pound sterling here to prop up our Australian Peso. :-D Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
hehehe. I just knew you couldn't pass that one by... ;) Seriouly though, I'd love to visit Australia (and New Zealand for that matter ;)). Just don't feed me any Vegemite without warning, OK? ;P But I still don't give a stuff about any form of nationalism. :) Andy Metcalfe - Sonardyne International Ltd
(andy.metcalfe@lineone.net)
http://www.resorg.co.uk"I'm just another 'S' bend in the internet. A ton of stuff goes through my system, and some of the hairer, stickier and lumpier stuff sticks." - Chris Maunder (I just couldn't let that one past ;)) "Be yourself, not what others want you to be."
