[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FYI: Not a State of Bliss/ Virus Hits Linux OS



Not a State of Bliss/ Virus Hits Linux OS
 =========================================

 Source: Communications Week

 Communications Week via Individual Inc. : Linux, an
 increasingly popular version of the Unix operating system,
 has been getting the attention of many users lately.
 Unfortunately, some of them are virus writers.

 Linux, which can run on PCs as well as workstations, is the
 target of a new virus called Bliss, according to security
 software vendors and other organizations. McAfee Associates
 Inc., a Santa Clara, Calif.-based maker of antivirus
 software, posted an alert about Bliss on its Web site last
 month.

 By itself, Bliss does not pose a major virus threat to
 corporations, according to security experts. But the presence
 of a Unix virus is a serious concern and should prod managers
 to adopt more aggressive user education on safer security
 practices.

 Unix and its variants, including Linux, have been considered
 safe from viruses because of the protected nature of the
 operating system. Essentially, Unix impedes the threat of
 viruses because of the way it compartmentalizes users, making
 it difficult for them to execute certain functions unless
 they have been given the rights and privileges by a system
 administrator.

 "Unlike DOS viruses, which can spread through normal
 operations a user might perform, or macro viruses, which can
 spread by opening infected files, this Linux virus only
 spreads if a systems administrator does something a systems
 administrator shouldn't really be doing," said Stephen Cobb,
 director of special projects at the National Computer
 Security Association, Carlisle, Pa.

 As a result, Bliss is typically spread by organizations that
 allow their users to operate as administrators by giving them
 logon access to the root directory, Cobb said.

 For example, some network-based games require each user to
 have sweeping systems permission, enabling the user to log
 onto the root directory.

 "This is like pulling the safety straps off," said Bob Bales,
 executive director at the NCSA.

 Bliss also is a threat because of Linux's popularity and its
 ability to run on PCs as well as Unix workstations, experts
 said.

 "In the past, when it came to Unix applications, people would
 give you the source code so you could compile it for your
 platform," said Jimmy Kuo, a senior virus researcher at
 McAfee. "Linux on Intel platforms is so widespread that
 people actually give other people [executable code]."

 "The message is clear," said Bales. "Teach your users not to
 run code of unknown origin."

 <<Communications Week -- 03-03-97, p. 35>>
[03-03-97 at 19:15 EST, CMP Publications, Inc.]


-- 
Eli Marmor
***************************************************************
 *   ___ _  __ ___  __    _ |__ _ _    marmor@elmar.co.il      *
  *     | | | \   | | \    |  / |\/     El-Mar Software Ltd.    *
   *    | | | _)  | | _)     /  | \      Tel.: 972-50-237338     *
    *    ___________________________      Fax: 972-9-7484279      *
     *   \_________________________ \      http://www.elmar.co.il  *
      *    _________  __  ____     \ \____  __    _                 *
       *   \_______ \ \_\|  _ \  __ \____ \ \ \  | |                 *
        *          \ \   | | \ \ \_\     \ \ \ \ | |                *
         *          \ \  | | _\ \         ) ) \ \ \_\_             *
          *          \ \ |_| \___)       (_/   \_\  \_\           *
           *          \ \_______________________________         *
            *          \________________________________\       *
             *                                                 *
              *************************************************