|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Antivirus Programs for Openbsd
From: STeve Andre' (andres
msu.edu)
Date: Mon Nov 01 2004 - 10:48:19 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Monday 01 November 2004 18:36, Nick Holland wrote:
> Marius Van Deventer - Umzimkulu wrote:
> >> -----Original Message-----
> >> From: Dave Feustel [mailto:dfeustelmindspring.com]
> >> Do these programs detect viruses that can actually infect Openbsd
> >> or just viruses that won't affect Openbsd but can be passed on to
> >
> > infect
> >
> >> other (windows) operating systems?
> >
> > The latter would be very interesting as a mail gateway methinks.
> >
> > On the other point: I am a BSD newbie, but a BSD virus sounds unlikely
> > to me. The virus writer would have to trick Root into doing something
> > stupid.
>
> Unfortunately, this isn't as hard as one would hope.
>
> Anyone else remember the "OpenSSH vulnerabilty demonstrator", put out
> maybe a year or so ago, distributed in binary-only form, which insisted
> that you run it as root, and would then insert a user into your system
> password files, mail your external IP address, your passwd file, and
> lots of other tidbits off to someone's e-mail address, and
> printf("Exploit successful!\n"); at the end? It wasn't technically a
> virus, as it was spread ONLY by stupid people, saying, "Hey, check this
> out!". At least a few OpenBSD people tried it, though its proceedures
> were a little "untuned" for OpenBSD, so the results were minimal.
>
> Unfortunately, technology can never compensate for stupidity. Just
> because you run an OS that started very secure doesn't mean you get to
> be stupid about it. Or pretend that it can't happen, like the Mac users
> who like to forget just where small computer viruses first became
> epidemic...
>
> Nick.
What you describe is a social engineering trick, which is of course valid
but not the same as one of the myriad of Windows Outlook horrors.
Convince a user to put a sledgehammer to their computer and it doesn't
matter what op sys or hardware they have: the sledgehammer wins.
To date I do not know of any Windows style viri, or stealthily installed
spyware, or worms for OpenBSD. I think there are reasons for this...
--STeve Andre'
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]