[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack

On Fri, Apr 29, 2005 at 03:01:44PM +0100, Nigel Wade wrote:
> >You're using the word "manually" in a strange way, and differently from the
> >way you did in the paragraph above. In this case, it didn't spread manually
> >(in the normal sense of the word) from the infected mech binary to the
> >binaries in /bin -- it did that on its own when it got a chance.
> I'm not using it differently. In both cases I am considering spreading from 
> one system to another. This was done manually.

Like I said, this is by definition the difference between a virus and a
worm. But once on a system, viruses (including this one) *do* have
mechanisms to spread automatically.

> To infect the /bin binaries it required a user with root privilege to do 
> so. Most Windows viruses would have very limited threat capability if users 
> would stop running them with administrator rights.

Yep -- and *if* people follow good practices on any OS (assuming the OS
lets them do so in practice), viruses are a limited threat overall. But even
that limited threat is a real threat that shouldn't be ignored -- *and* we
need to do better to make it easier for non-technical users to follow best
practices and still get work done.

Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 72 degrees Fahrenheit.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]