"Bliss manifests itself by overwriting Linux executables with its own code every time it is executed. Files cannot be recovered and files created in other operating systems and stored on Linux servers can also be corrupted." http://www.newsforge.com/article.pl?sid=02/02/08/231223 -- "The only secure Microsoft software is what's still shrink-wrapped in their warehouse..." (Forno)
Hmmm - we need more info - that sounds like a trojan, rather than a virus to me. alan On 9 Feb 2002 at 0:36, Fred A. Miller wrote:
"Bliss manifests itself by overwriting Linux executables with its own code every time it is executed. Files cannot be recovered and files created in other operating systems and stored on Linux servers can also be corrupted."
http://www.newsforge.com/article.pl?sid=02/02/08/231223
-- "The only secure Microsoft software is what's still shrink-wrapped in their warehouse..." (Forno)
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
Hi, has anybody noticed that the ZDnet-article that newsforge quotes was first published in 1997? <quote> A Year Ago: McAfee finds Linux virus 09:57 Tuesday 10th February 1998 This story was first published February 10, 1997 </quote> ...and that nothing containing "Bliss" is even mentioned in McAfee's Virus libraries? Hansen On Saturday 09 February 2002 09:00, alan@ibgames.com wrote:
Hmmm - we need more info - that sounds like a trojan, rather than a virus to me.
alan
On 9 Feb 2002 at 0:36, Fred A. Miller wrote:
"Bliss manifests itself by overwriting Linux executables with its own code every time it is executed. Files cannot be recovered and files created in other operating systems and stored on Linux servers can also be corrupted."
http://www.newsforge.com/article.pl?sid=02/02/08/231223
-- "The only secure Microsoft software is what's still shrink-wrapped in their warehouse..." (Forno)
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
-- Powered by SuSE 7.3 - Linux 2.4.10-4GB KDE 2.2.1 - KMail 1.3.1
On Saturday 09 February 2002 07:36, Johannes Liedtke wrote:
Hi,
has anybody noticed that the ZDnet-article that newsforge quotes was first published in 1997? <quote> A Year Ago: McAfee finds Linux virus 09:57 Tuesday 10th February 1998
This story was first published February 10, 1997 </quote>
...and that nothing containing "Bliss" is even mentioned in McAfee's Virus libraries?
ZDNet is at least partially owned by Micro$haft. Could it be only a conincidence that this almost four year old story resurfaces right after Sun announces they will ship low end servers with Linux instead of Solaris? http://seattlepi.nwsource.com/business/57530_sunlinux08.shtml -- Regards, Malcolm KMail l.3.1 -- KDE 2.2.1 -- SuSE Linux 7.3 Remove the dots to email me
On Saturday 09 February 2002 14:11, M. Clark wrote:
On Saturday 09 February 2002 07:36, Johannes Liedtke wrote:
Hi,
has anybody noticed that the ZDnet-article that newsforge quotes was first published in 1997? <quote> A Year Ago: McAfee finds Linux virus 09:57 Tuesday 10th February 1998
This story was first published February 10, 1997 </quote>
...and that nothing containing "Bliss" is even mentioned in McAfee's Virus libraries?
ZDNet is at least partially owned by Micro$haft. Could it be only a conincidence that this almost four year old story resurfaces right after Sun announces they will ship low end servers with Linux instead of Solaris?
http://seattlepi.nwsource.com/business/57530_sunlinux08.shtml
hmm... who owns newsforge? the article didn't resurface on ZDnet as far as I can tell... it's just a recent article on newsforge (historyforge?) quoting this really old ZDnet-story... Hansen -- Powered by SuSE 7.3 - Linux 2.4.10-4GB KDE 2.2.1 - KMail 1.3.1
On Saturday 09 February 2002 08:44, Johannes Liedtke wrote:
hmm... who owns newsforge? the article didn't resurface on ZDnet as far as I can tell... it's just a recent article on newsforge (historyforge?) quoting this really old ZDnet-story...
Hansen
This URL might help explain it: http://www.newsforge.com/submit.pl Anyone can submit a news story to NewsForge. If their staff didn't check the date closely enough, a link to an old story could get posted. Perhaps not coincidentally, someone has posted a long winded rant to the Usenet Linux groups about XP being superior to Linux. The usual suspects are probably at work. -- Regards, Malcolm KMail l.3.1 -- KDE 2.2.1 -- SuSE Linux 7.3 Remove the dots to email me
----- Original Message ----- From: <alan@ibgames.com> To: "suse-linux-e" <suse-linux-e@suse.com> Sent: Saturday, February 09, 2002 9:00 AM Subject: Re: [SLE] McAfee Finds First Linux Virus
Hmmm - we need more info - that sounds like a trojan, rather than a virus to me.
alan
Yea, they tell us almost nothing about it. Regardless, unless you run this as root (or gave it permission to run as root when you installed it) then it can't over-write executables that belong to root unless you gave everyone on your system write permissions to executables. John
On 9 Feb 2002 at 0:36, Fred A. Miller wrote:
"Bliss manifests itself by overwriting Linux executables with its own code every time it is executed. Files cannot be recovered and files created in other operating systems and stored on Linux servers can also be corrupted."
Hmmm - we need more info - that sounds like a trojan, rather than a virus to me.
alan
Yea, they tell us almost nothing about it. Regardless, unless you run this as root (or gave it permission to run as root when you installed it) then it can't over-write executables that belong to root unless you gave everyone on your system write permissions to executables.
John
I have not found any information on McAfee web site. Moreover it does not look like anything new (if it exists). If a sys admin executes binaries from an untrusted source, he deserves the trojan/virus! And the writer does not look very informed on what is Linux... "a Freeware version of Unix":-) Praise
begin Fred A. Miller's quote: | "Bliss manifests itself by overwriting Linux executables with its | own code every time it is executed. Files cannot be recovered and | files created in other operating systems and stored on Linux | servers can also be corrupted." | | http://www.newsforge.com/article.pl?sid=02/02/08/231223 something here has a foul odor -- for a start, it's not linked on newsforge's front page, which a story of this magnitude would be. i do not know where or how they get there news, but my guess is that this is a trojan story of some sort, a plant. it appears, for a start, not to be true. -- dep There is sobbing of the strong, And a pall upon the land; But the People in their weeping Bare the iron hand; Beware the People weeping When they bare the iron hand.
participants (7)
-
alan@ibgames.com -
dep -
Fred A. Miller -
Johannes Liedtke -
John Scott -
M. Clark -
Praise