Nancy Sollars wrote: > > I still think this will only affect the unwarey and stupid. Yup, just like it's always been. > most people even before d/l tars check for the signiture signed file.. I'll bet I'd really *like* it on your planet ;-) Perhaps my impression of The Average Computer User has been tainted. Steve > > Nige > > ----- Original Message ----- > From: "foodog" > To: > Sent: Thursday, March 07, 2002 9:52 AM > Subject: regularly scheduled paranoia. Was: Re: Anti Virus > > > "der.hans" wrote: > > ... > > > Haven't used it as viruses are completely irrelevant to me ( other than > the > > > bandwitdth they use ), but: > > > > > ... snip > > > der.hans > > > -- > > > # http://home.pages.de/~lufthans/ http://www.DevelopOnline.com/ > > > # We now return you to your regularly scheduled paranoia... > > > > I think the days of not worrying about virus scanning on Linux are > > numbered. In the early days pirates were largely responsible for > > viruses spreading under DOS. Eventually viruses started to "get lucky" > > and make it into official software releases. > > > > I think script kiddies are the best vector for widespread Linux > > infections. Their own machines will get infected, then they'll pass the > > infection on as they root other boxes. > > > > There's a thread on Vuln-dev this week about a possibly fake Apache > > 1.3.22 exploit that infects all elf binaries and opens a port on UDP > > 3049. To clarify, the Apache exploit is the possibly fake part, the elf > > infector appears to be legit. > > > > A clean and an infected grep were posted, in case anyone wants to get a > > jump start on being the McAfee of the Linux world. I don't think it'll > > be long before someone with more coding talent decides it'd be cool to > > add stealth. If that had happened, the current thread would just be > > disappointed kiddiez complaining that their new 'sploit didn't work as > > advertised. > > > > Steve