Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is the Unix Community Worried About Worms?

Posted by Cliff on from the if-it-can-happen-in-Redmond dept.

jaliathus asks: "While the Microsoft side of the computer world works overtime these days to fight worms, virii and other popular afflictions of NT, we in the Linux camp shouldn't be resting *too* much. After all, the concept of a worm similar to Code Red or Nimda could just as easily strike Linux ... it's as easy as finding a known hole and writing a program that exploits it, scans for more hosts and repeats. The only thing stopping it these days is Linux's smaller marketshare. (Worm propagation is one of those n squared problems). Especially if our goals of taking over the computing world are realized, Linux can and will be a prime target for the worm writers. What are we doing about it? Of course, admins should always keep up on the latest patches, but can we do anything about worms in the abstract sense?" Dispite the difficulties in starting a worm on a Unix clone, such a feat is still within the realm of possibility. Are there things that the Unix camp can be learning from Code Red and Nimbda?

2 of 516 comments (clear)

  1. 2 Reason; Not Market Share by VB · · Score: 4, Interesting


    While client market share for Windows is undisputed, Apache has close to 60% of the web server market. I haven't received a single readme.exe attachment.

    Current Nimda stats are:
    26900 attempts on 2 servers.

    Apache (on *n*x, anyway) is not vulnerable to worms in the same way IIS is since it runs as notroot.somegroup. The only thing an Apache web server worm (on *n*x) could do is muck up the web server.

    *n*x mail clients don't (at least yet) do a
    file this_attachment
    if file is ELF, or a.out
    chmod +x this_attachment
    execve this_attachment.

    This isn't to say *n*x is immune. Just why Win* is not. Not because of market share.

    --
    www.dedserius.com
    VB != VisualBasic
  2. Re:something to remember by Zwack · · Score: 3, Interesting

    You should know(remember?) that the first worm ever written infected many *NIX systems

    The First worm ever written?

    Well, let me see, the term worm was invented by John Brunner, in his classic book, "Shockwave Rider"

    And the guys at Xerox Parc wrote some network based programs... which they called worms after the John Brunner usage.

    And WAY later, Robert Tappan Morris Jr. wrote the Internet worm.

    So, No. The first worms didn't run on Unix

    Incidentally, at least one of the xerox worms got out of hand and crashed a lot of machines at PARC.

    Z.

    --
    -- Under/Overrated is meta-moderation, and therefore is Redundant.