brute force ssh attack
Matthew Miller
mattdm at mattdm.org
Fri Apr 29 14:18:21 UTC 2005
On Fri, Apr 29, 2005 at 03:01:44PM +0100, Nigel Wade wrote:
> >You're using the word "manually" in a strange way, and differently from the
> >way you did in the paragraph above. In this case, it didn't spread manually
> >(in the normal sense of the word) from the infected mech binary to the
> >binaries in /bin -- it did that on its own when it got a chance.
> I'm not using it differently. In both cases I am considering spreading from
> one system to another. This was done manually.
Like I said, this is by definition the difference between a virus and a
worm. But once on a system, viruses (including this one) *do* have
mechanisms to spread automatically.
> To infect the /bin binaries it required a user with root privilege to do
> so. Most Windows viruses would have very limited threat capability if users
> would stop running them with administrator rights.
Yep -- and *if* people follow good practices on any OS (assuming the OS
lets them do so in practice), viruses are a limited threat overall. But even
that limited threat is a real threat that shouldn't be ignored -- *and* we
need to do better to make it easier for non-technical users to follow best
practices and still get work done.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 72 degrees Fahrenheit.
More information about the users
mailing list