RE: CRIME [Fwd: [Evolution] Definitive comments on LINUX viruses]

From: SCRIMSHER,JOHN (HP-Corvallis,ex1) (john_scrimsher@private)
Date: Wed Jul 17 2002 - 13:45:58 PDT


    > You are confusing viruses and script kiddies.  Different things. 
    > Different methods of attack.
    > 
    
    Not necessarily different.  Many of today's email-based viruses are created
    from Virus Generation kits, not skilled writers, usually by the same Script
    Kiddies that attempt defacements of websites.  That being said, you are
    correct in that viruses are not necessarily the same as a defacement, etc.;
    another point that gets confused in the article by Mr. Skoll as he uses
    numbers based on server defacements to back up his ideas regarding
    email-borne viruses on Linux vs Windows.  Rarely are email-borne viruses
    utilized to deface a web site.  Instead they serve mainly to disrupt messaging
    services, and sometimes carry damaging payloads that may alter / delete data
    from the infected system.
    
    As you state, nothing compares to an alert and cautious user.  Even Win9x
    can be used semi-securely if the user of the system is cautious regarding
    what emails to open, not enabling File and Print Sharing, etc.  I use
    Outlook as my primary email client, and I LIKE it (no flames please), but I
    do not open emails that look suspicious.  We have had our fair share of
    email-based viruses at work, but my systems have never been infected
    unknowingly.  
    
    Unfortunately in any group of people, you will have a few that are not as
    diligent in security practices as they should be and are more susceptible to
    Social Engineering, "forget" to install that patch that they were warned to
    install, and open file shares with default permissions.  These systems
    create a problem for the rest of the network, but can be found and remedied
    with a proper security team.
    
    John
    


