[AntiVirus + Ubuntu] was - Re: And another Ubuntu convert!

Bart Silverstrim bsilver at chrononomicon.com
Fri Jan 23 13:11:28 UTC 2009

Mario Vukelic wrote:
> On Thu, 2009-01-22 at 13:15 -0800, NoOp wrote:

>> install ssh, 
> Properly configured and used ssh as a virus vector? If so, we have
> bigger problems.

So to speak, SSH can be an insertion vector. It allows remote access to 
your computer. Otherwise we wouldn't have automated attacks on SSH.

A remote user can gain access via SSH, from there elevate privileges, 
and attack the computer system.

Alternatively if a bug is discovered to circumvent the authentication of 
users in SSH, a remote user can gain access and again elevate privileges 
with another attack from there.

So yes, it is a vector.

>> <http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=linux.&search-type=contains&case-sensitivity=No&database=daily&database=main&display=database&display=virus&.submit=Submit+Query&.cgifields=database&.cgifields=search-type&.cgifields=case-sensitivity&.cgifields=display>
>> yields some pretty interesting results. The latter shows 117 results.
> As I said in other replies, I have too often done the work of those
> posters who linked impressive-looking linux malware lists, only to find
> that they don't hold up to even quick analysis. I don't care about lists
> if 99% of the content are viruses from 1991 that nobody has ever
> actually seen outside the lab. So please forgive me if I don't go
> through such a list again. If you want to convince anyone come up with
> an analysis of the content yourself. I will be happy to concede if you
> can show me that a significant amount of malware on this list is a real
> threat.

I find it funny...though I shouldn't...to think of a cartoon where 
someone spends all this time ripping hair out hardening their system 
against malware...only to have a thief steal the hard drive.

Let's change the arguments to the merits of encrypting volumes!

More information about the ubuntu-users mailing list