
Re: more Badbunny worm BS ..

In comp.os.linux.advocacy, Doug Mentohl <doug_mentohl@xxxxxxxxxxxxx>
wrote on Sun, 24 Jun 2007 11:24:24 -0700
<f5mcs5$tsm$2@xxxxxxxxxxxxxxx>:
> Roy Schestowitz wrote:
>
>> Reader? 
>> Shill maybe...
>> Bugs?
>> Bugs Bunny maybe...
>
> Erik FUD, shurley you could russle up a copy of this Linux 'virus' .. er 
> 'worm'

http://www.sophos.com/security/analyses/sbbadbunnya.html
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-052303-2513-99
http://secunia.com/virus_information/38489/sbbadbunny-a/

StarOffice multiplatform infection worm, low to mid
prevalence, very low risk.  Symantec suggests 0-49
infections in the wild, maybe 2 sites, easily contained.
Secunia suggests risk rating 2 (low).

I'm skeeered....especially since I don't use OpenOffice
all that often.

Now let's consider a slightly different entry -- actually,
cluster of entries.

http://www.sophos.com/virusinfo/analyses/w32feebsar.html

This is an up and coming entry, apparently.
http://www.pspl.com/virus_info/topvirus.htm
identifies it as the number one threat.  This is at rev AR, which
tells me that there's a lot of interest in mutating this one.
Sophos hasn't put this in their top 10 yet:
http://www.sophos.com/security/top-10/
but give it time.

http://www.sophos.com/security/analyses/w32soberad.html

Sophos identifies Sober as being the number one threat, classifying it
as a "reentry".  (I'm assuming that that means it has mutated.)  It is
identified as version 'AD'.

http://www.sophos.com/security/analyses/w32netskyp.html

Netsky is an old favorite (FSVO) and comes in at number two.

http://www.trendmicro.com/vinfo/

has its own list: TROJ_STRAT.HJ, JS_IFRAME, HTML_IFRAME.CX,
TROJ_DLOADER, TROJ_AGENT, JS_DLOADER, TROJ_AGENT,
HTML_IFRAME.CV, TROJ_ARTIEF.E, EXPL_YAHOXSS.A.

(The nomenclature is interesting, and unfortunately differs
from Sophos'.)

All of these are either trojans or exploit weaknesses in
the browser, except for the last one, which apparently
steals Yahoo! cookies in a cross-site scripting vulnerability.
All of these have damage potential of at least Medium, with a fair
number at High.

http://www.symantec.com/home_homeoffice/security_response/index.jsp

is an interesting page: currently it's indicating Email
is at high risk.  All others are at medium risk.  I'm
unable to find a "Symantec Top Ten" virus list, but perhaps
it's not all that interesting a problem, really, especially
since phishing and pharming seem to be more interesting to
virus writers nowadays.

And remember, Linux is very vulnerable, being the most
prevalent desktop solution out there and therefore users
should switch over to ... what's that?  Most of the
desktop systems out there are from a competing vendor?
And that vendor has had a few holes in its security over
the course of its dominance of over a decade or so?  And
that Linux is, apart from BadBunny proof-of-concept viruses,
relatively immune?

Oh, the horror.

BTW, an ominous trend, opines Symantec, is that

    Over the last 18 months, an ominous change has swept across the
    Internet. The tools driving the new attacks and fueling the
    blackmarket are crimeware - bots, Trojan horses, and spyware.

This is definitely a concern.

-- 
#191, ewill3@xxxxxxxxxxxxx
Linux.  Because life's too short for a buggy OS.
