[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] linux viruses

To: <shef-lug [at] xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Sheflug] linux viruses
From: "Graham Cox" <xxxxx [at] xxxxxxxxxx>
Date: Mon, 4 Mar 2002 19:46:41 -0000
Envelope-To: <shef-lug [at] list.sheflug.org.uk>
List-Help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-Id: Sheflug <shef-lug.list.sheflug.org.uk>
List-Post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-Subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-Unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-To: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx

This is taken straight out of the FAQ from alt.comp.virus(Isn't Deja a
wonderful place :)
---
     #1 A virus is a program that is able to replicate - that is, create
        (possibly modified) copies of itself.

     #2 The replication is intentional, not just a side-effect.

     #3 At least some of the replicants are also viruses, by this
        definition.

     #4 A virus has to attach itself to a host, in the sense that execution
        of the host implies execution of the virus.
---
Thus, by definition, any operating system that allows you to write to files
can allow a virus to be spread. All you need to do to create a virus for
linux(and I mean a virus, not a worm) is to work out how to add some code to
an existing executable that you have write access to in such a way that this
code will be run before, or instead of the original executable. I don't know
the ELF file format personally, but I can't see it being that difficult to
do...
What's more, if you really wanted to get adventurous, you could write the
virus in such a way that it attemts to get superuser privilages before it
does this(password cracking for example), thus letting it infect any file on
the system.

>From another post on usenet(comp.lang.c, comp.lang.c++ and comp.lang.asm.x86
this time) I managed to find a list of UNIX viruses that existed at the
time(18 Dec 1996).
---
    UNIVAC 1108 Virus - 1984
    Pandora
    Creeper  -  1970
    Bell Labs Virus
    Compressor Virus
    Evolutionary Virus
    Finger Virus
    Pervading Animal
    Reaper
    2600 VAX Virus
---
That was over 5 years ago, so there's been plenty of time for more to be
developed since then...

Just because they are very rare, and unlikely to do any damage in any case
due to the fact that the file security is a lot better than in Windows,
doesn't mean that they don't, or can't exist.
--
Graham

___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 
To unsubscribe from this list send mail to 
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Follow-Ups:
- [Sheflug] Re: linux viruses
  - From: Richard Ibbotson

References:
- [Sheflug] linux viruses
  - From: David Holden
- Re: [Sheflug] linux viruses
  - From: Alex Hudson
- Re: [Sheflug] linux viruses
  - From: David Holden

Prev by Date: Re: [Sheflug] Re: linux viruses
Next by Date: RE: [Sheflug] Re: Is this a hoax? wrong response
Prev by thread: Re: [Sheflug] linux viruses
Next by thread: [Sheflug] Re: linux viruses
Index(es):
- Date
- Thread