Re: [SLUG] rumor of new virus

From: patrick (patrick@llc.net)
Date: Sat May 19 2001 - 18:13:19 EDT

Next message: patrick: "Re: [SLUG] WSJ & Linux"
Previous message: Ed Centanni: "Re: [SLUG] rumor of new virus"
In reply to: Ed Centanni: "Re: [SLUG] rumor of new virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

worms

On Saturday 19 May 2001 04:14 pm, you wrote:
> I think we should call it an anti-body. Seems to perform the same
> function.
>
> Ed.
>
> ter swartz wrote:
> > Not sure if this is true...received from friend.
> >
> > http://news.cnet.com/news/0-1003-200-5949401.html
> >
> > > CNET reports a new worm spreading rapidly among
> >
> > Linux servers around the
> > world.
> >
> > > Before you Microsoft fans start cheering, it's not
> >
> > your normal worm. In a
> > sort of microcosm of all
> >
> > > things Linux and open source, the worm, while
> >
> > entering your system without
> > authorization and
> >
> > > spreading itself from your server without approval,
> >
> > is beneficial.
> >
> > > It's called the Cheese Worm, and it enters
> >
> > previously compromised systems,
> > patches up a security
> >
> > > hole, and then spreads itself on.
> > >
> > >
> > > Basically, it enters through port 10008, a back door
> >
> > opened by the
> > malicious 1i0n worm. It closes
> >
> > > the insecure port, then scans for other systems with
> >
> > port 10008 open.
> >
> > > The worm also leaves a note explaining itself.
> > >
> > >
> > > # removes rootshells running from /etc/inetd.conf
> > > # after a l10n infection... (to stop pesky haqz0rs
> > > # messing up your box even worse than it is already)
> > > # This code was not written with malicious intent.
> > > # Infact, it was written to try and do some good.
> > >
> > >
> > >
> > > Most systems administrators aren't upset about the
> >
> > worm's activities, but
> > they still express unease
> >
> > > over a program having unauthorized access to their
> >
> > systems.
> >
> > > I think the key point to consider is how the worm
> >
> > spreads. It enters
> > through a previously
> >
> > > compromised port. If you don't have a compromised
> >
> > system, this worm won't
> > enter it. In that respect,
> >
> > > I think it's a good worm, and I wholeheartedly
> >
> > support it.
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Auctions - buy the things you want at great prices
> > http://auctions.yahoo.com/

Next message: patrick: "Re: [SLUG] WSJ & Linux"
Previous message: Ed Centanni: "Re: [SLUG] rumor of new virus"
In reply to: Ed Centanni: "Re: [SLUG] rumor of new virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:03:03 EDT