Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: server-check
  • From: Johannes Geiger <geiger@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Sat, 10 Feb 2001 21:19:56 +0100
  • Message-id: <20010210211956.H361@mailspies>
Hello Gerard Bras!

On Sat, Feb 10, 2001 at 07:56:24PM +0100, Gerard Bras wrote:
> On this point I'm curious. Could a 'root kit' propogate itself to
> uninfected hosts on a LAN after it infects the initial victim host?
> Protection inside a LAN is commonly lax, especially with everyone
> relying on firewalls to protect them.

That is an old story: Attack the other machines on the LAN by the same
means which led to the compromise of the initial victim. The probability
is high that they are running the same vulnerable software version.
(BTW, this kind of program or set of programs is called a worm.)

> Are viruses like those seen in MSWorld the next thing?
> All along I've been smug telling my Windows using friends that I don't have
> these virus problems because Unix/Linux has accecss control.

The Unix access control mechanisms cannot prevent virus infection. An
infected program can infect any other binary the user running the
infected program has write-access to. So all you have to do ist wait for
root to come along...

Regards

Johannes

< Previous Next >
Follow Ups