Path: utzoo!attcan!uunet!convex!killer!texbell!tness1!sugar!peter From: peter@sugar.uu.net (Peter da Silva) Newsgroups: comp.sys.amiga Subject: Re: Internet UNIX virus Message-ID: <2954@sugar.uu.net> Date: 5 Nov 88 02:15:17 GMT References: <13232@oberon.USC.EDU> Organization: Sugar Land Unix - Houston, TX Lines: 46 In article <13232@oberon.USC.EDU>, papa@pollux.usc.edu (Marco Papa) writes: > This is dedicated to all the guys that claimed that "UNIX is much more > secure than the Amiga" with regard to viruses. > -- Marco Papa 'Doc' You claiming responsibility, Marco? (not serious here, folks) I was one of those folks. I still make that claim. I'm not a Polyanna: I recently posted an article that described a much more virulent virus than this one. But I don't think this one can be laid at UNIX' door. First of all, the channel of infection is a gaping hole in sendmail that isn't typical of UNIX mail systems. I didn't know about it, but I'm not surprised. Many academic users leave daemons on their mailboxes that can be used the same way... and I'm sure will. If you care to secure your system this hole won't happen. Secondly, the channel that was used to transmit the virus was a deliberate reduction in UNIX security, that basically turned a network into a single machine as far as the virus was concerned. You pointed this out, and I acknowledged that it was a problem if you let people with non-trusted machines have shell access to yours. So don't do it. Finally, the virus was way more complex than any PC or Amiga virus needs to be. The typical PC or Amiga virus is a couple of hundred bytes long... and it's got complete access to the whole system... on any PC. This virus had a couple of hundred lines of prelude code, and was only able to infect a small fraction of the machines available to them... and a simple reboot would clear it out. Oh, sure, it could be made more infective... more sophisticated... more complex. And that's the point. I'm not saying, and I've never said, that UNIX is uninfectable. Just that it's a LOT harder to build a sucessful virus... that wouldn't be as sucessful as a simpler virus on an unprotected single-use system. This one is everything I've claimed a UNIX virus would be: highly complex, relatively limited in scope, easily killed and guarded against. I expect there will be more. I don't expect anything as virulent as the Byte Bandit or Brain virus. -- Peter da Silva `-_-' peter@sugar.uu.net Have you hugged U your wolf today? Disclaimer: I accept full responsibility for my own typos.