On Saturday 08 April 2006 14:02, Ken Jennings wrote:
On Saturday 08 April 2006 01:00, Boyd Lynn Gerber wrote:
" Cross-platform Virus Infects Linux And Windows
By Gregg Keizer, TechWeb News
A Russian security company announced Friday that it had found a cross-over virus that can infect PCs running either the open-source Linux or Microsoft Windows operating systems.
Dubbed "Linux.Bi.a" and "Win32.Bi.a," the split-personality malware doesn't do any damage. Instead, said Moscow-based Kaspersky Labs in an online briefing, it's a proof-of-concept to prove that a cross-platform virus is possible.
"However, our experience shows that once proof-of-concept code is released, virus writers are usually quick to take the code, and adapt it for their own use," wrote a Kaspersky analyst in the briefing."
This is important information:
"According to Kaspersky's research the Linux.Bi.a/Win32.Bi.a virus can infect either ELF binaries (Linux) or files with the ".exe" extension (Windows)."
Returning to what others have posted concerning the easy infestation of Windows and the relative difficulty of doing the same in Linux -- How many executable files on a Linux system can a regular user overwrite? Nothing important. There aren't enough stupid system admins in the real world who would click on/run an unknown executable to enable this kind of virus to spread. As the article says, it is proof-of-concept. For Linux systems it will stay that way.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Well... Both true and false. IF you manage to exploit a, lets say buffer overflow vulnerability, and that gives you escalated rights, and you are in a less secure system, there is a definite chance of planting the infection. This ofcourse has to be done actively, and may not exactly be a "virus attack". But if the virii is planted inside the system, it may spread. Not all Linux users run a secured system, and not all run it under a normal user. I have seen way to many root's running out there... So the "How many executable files on a Linux system can a regular user overwrite? Nothing important." is only true on a secured system with a secure-minded administrator. How many DOESNT run a secured system, and run everything as root? No way of knowing. I am not saying its easy, or commonplace to break into a non-windows system. But it HAS been done. Sure, there have been "proof-of-concepts" around for different platforms, including mobile phones. I have yet to see a virus outbreak on mobile phones... Lets not wave this off as a "cant happen here". Let us instead work against such concepts, and keep Linux a tidy playground for serious users. -- /Rikard ----------------------------------------------------------------------------- email : rikard.j@rikjoh.com web : http://www.rikjoh.com mob: : +46 (0)763 19 76 25 ------------------------ Public PGP fingerprint ---------------------------- < 15 28 DF 78 67 98 B2 16 1F D3 FD C5 59 D4 B6 78 46 1C EE 56 >