[AntiVirus + Ubuntu] was - Re: And another Ubuntu convert!
Bart Silverstrim
bsilver at chrononomicon.com
Fri Jan 23 13:11:28 UTC 2009
Mario Vukelic wrote:
> On Thu, 2009-01-22 at 13:15 -0800, NoOp wrote:
>> install ssh,
>
> Properly configured and used ssh as a virus vector? If so, we have
> bigger problems.
So to speak, SSH can be an insertion vector. It allows remote access to
your computer. Otherwise we wouldn't have automated attacks on SSH.
A remote user can gain access via SSH, from there elevate privileges,
and attack the computer system.
Alternatively if a bug is discovered to circumvent the authentication of
users in SSH, a remote user can gain access and again elevate privileges
with another attack from there.
So yes, it is a vector.
>> <http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=linux.&search-type=contains&case-sensitivity=No&database=daily&database=main&display=database&display=virus&.submit=Submit+Query&.cgifields=database&.cgifields=search-type&.cgifields=case-sensitivity&.cgifields=display>
>>
>> yields some pretty interesting results. The latter shows 117 results.
>
> As I said in other replies, I have too often done the work of those
> posters who linked impressive-looking linux malware lists, only to find
> that they don't hold up to even quick analysis. I don't care about lists
> if 99% of the content are viruses from 1991 that nobody has ever
> actually seen outside the lab. So please forgive me if I don't go
> through such a list again. If you want to convince anyone come up with
> an analysis of the content yourself. I will be happy to concede if you
> can show me that a significant amount of malware on this list is a real
> threat.
I find it funny...though I shouldn't...to think of a cartoon where
someone spends all this time ripping hair out hardening their system
against malware...only to have a thief steal the hard drive.
Let's change the arguments to the merits of encrypting volumes!
More information about the ubuntu-users
mailing list