Re: OT - Virus?
At Wed, 03 Jan 2001 11:39:10 -0600,
John Travis wrote:
> I know this is a little OT but this is about the only forum where I
> provide the email address that the message in question was received from.
> And besides, you gurus should be able to straighten this out :-). I just
> got an email (not at this address) warning of a GNU/Linux virus named LinX
> that is _supposedly_ going to destroy my shadow password file next month.
> It contained an executable that was supposed to scour your computer and
> determine if you were infected. But upon looking at it in an editor
> certain things just look bad. It looks like it starts a file with the
> contents of ls, then cats your passowrd files on, then tries to initiate a
> net connection and sendmail the file to an address at yahoo.com? Now I've
> been up for a *long* time, so maybe I'm just being paranoid. I know the
> files would be encypted anyway, just curious. So has anyone else heard of
> this would be virus?
More accurately, you could call it a trojan horse. Sending
your password file out by mail is never a good idea. Even
though it is encrypted, having a copy of it would give a
potential attacker all the time he or she needs to crack it
with a brute force approach.
Why can't the skr1p7k1dd13z (sp?) stay on Microsoft turf?
> time to sleep...
- OT - Virus?
- From: John Travis <email@example.com>