[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FYI: Not a State of Bliss/ Virus Hits Linux OS
Not a State of Bliss/ Virus Hits Linux OS
=========================================
Source: Communications Week
Communications Week via Individual Inc. : Linux, an
increasingly popular version of the Unix operating system,
has been getting the attention of many users lately.
Unfortunately, some of them are virus writers.
Linux, which can run on PCs as well as workstations, is the
target of a new virus called Bliss, according to security
software vendors and other organizations. McAfee Associates
Inc., a Santa Clara, Calif.-based maker of antivirus
software, posted an alert about Bliss on its Web site last
month.
By itself, Bliss does not pose a major virus threat to
corporations, according to security experts. But the presence
of a Unix virus is a serious concern and should prod managers
to adopt more aggressive user education on safer security
practices.
Unix and its variants, including Linux, have been considered
safe from viruses because of the protected nature of the
operating system. Essentially, Unix impedes the threat of
viruses because of the way it compartmentalizes users, making
it difficult for them to execute certain functions unless
they have been given the rights and privileges by a system
administrator.
"Unlike DOS viruses, which can spread through normal
operations a user might perform, or macro viruses, which can
spread by opening infected files, this Linux virus only
spreads if a systems administrator does something a systems
administrator shouldn't really be doing," said Stephen Cobb,
director of special projects at the National Computer
Security Association, Carlisle, Pa.
As a result, Bliss is typically spread by organizations that
allow their users to operate as administrators by giving them
logon access to the root directory, Cobb said.
For example, some network-based games require each user to
have sweeping systems permission, enabling the user to log
onto the root directory.
"This is like pulling the safety straps off," said Bob Bales,
executive director at the NCSA.
Bliss also is a threat because of Linux's popularity and its
ability to run on PCs as well as Unix workstations, experts
said.
"In the past, when it came to Unix applications, people would
give you the source code so you could compile it for your
platform," said Jimmy Kuo, a senior virus researcher at
McAfee. "Linux on Intel platforms is so widespread that
people actually give other people [executable code]."
"The message is clear," said Bales. "Teach your users not to
run code of unknown origin."
<<Communications Week -- 03-03-97, p. 35>>
[03-03-97 at 19:15 EST, CMP Publications, Inc.]
--
Eli Marmor
***************************************************************
* ___ _ __ ___ __ _ |__ _ _ marmor@elmar.co.il *
* | | | \ | | \ | / |\/ El-Mar Software Ltd. *
* | | | _) | | _) / | \ Tel.: 972-50-237338 *
* ___________________________ Fax: 972-9-7484279 *
* \_________________________ \ http://www.elmar.co.il *
* _________ __ ____ \ \____ __ _ *
* \_______ \ \_\| _ \ __ \____ \ \ \ | | *
* \ \ | | \ \ \_\ \ \ \ \ | | *
* \ \ | | _\ \ ) ) \ \ \_\_ *
* \ \ |_| \___) (_/ \_\ \_\ *
* \ \_______________________________ *
* \________________________________\ *
* *
*************************************************