Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Lupper: linux worm

__/ [Gandalf  Parker] on Wednesday 09 November 2005 12:42 \__

> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> contributed wisdom to
> news:dksml1$dm8$3@xxxxxxxxxxxxxxxxx:
>> Is there anything funamentally bad with the kernel? Is XML-RPC an
>> integral part  of  a  Linux server out of the box or a desktop
>> running  Linux?  Of course  not.  I think the media just likes the
>> deadline which  puts  Linux alongside  the troubled Windows and makes
>> 90% of the reader have that smug smile.
> Thre is probably some truth in that. In fact I have to say that the article
> DID catch my eye for that reason where other wording would have had me skip
> reading it
> Gandalf  Parker

The article you cited is just one among many and its source is technical,
thus intended for a technical audience. You should have seen he write-ups in
mainstream media. Last week they wrote about the zombies (makes me bitter as
I come under DoS attacks) without mentioning even once that only Windows
computers are affected. Apparently, the very foundation a computer runs on
is 'details'. Moreover, it doesn't seem to be good PR when all the readers
use Windows.

__/ [Gandalf  Parker] on Wednesday 09 November 2005 12:49 \__

> Gandalf  Parker <gandalf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> contributed
> wisdom to  news:Xns9708565BE3C1Egandalfparker@xxxxxxxxxxxxx:


Be careful with automated introductory phrased. This can lead to vanity, not
flattery. *smile*

>> *sigh* well we knew it was possible and even discussed methods. Been
>> done before and will again. As Linux gets more popular, with popular
>> packages,  and more "default installs"; there will be more of this.
> After looking at the writeup on this worm I see there there is a list of
> exploitable scripts that it looks for. Im thinking to myself that much of
> it plays off of /cgi/

Webmasters should notice continuous attempts to execute a variety of common
scripts off that directory, which has gained its notoriety.

> Isnt the cgi directory a flexible choice? Cant a server be told to operate
> off of a different directory than /cgi/ and have pretty much everything
> work? Automatic installs might be a pain to fix each time but the result
> might be worthwhile for avoiding any number of known and not-yet known
> exploits. Yet another example of why hacking is good. Pros and cons to
> everything but there are definate advantages to always fighting the
> defaults.

Good point, which I fully agree with. Notice that /blog is a common target
and installation of a CMS in /phpnuke (or the like) is an invitation to


Roy S. Schestowitz      |    "Yes, I know, but does it run Linux?"
http://Schestowitz.com  |    SuSE Linux     |     PGP-Key: 0x74572E8E
 12:55pm  up 7 days  8:53,  4 users,  load average: 0.14, 0.31, 0.37
      http://iuron.com - next generation of search paradigms

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index