On Mon, Oct 01, 2001 at 01:51:31PM -0400, Theodore Knab wrote: > With the Nimba virus/worm and the Code Red worm breaking Windows > around the globe, I am nervously waiting for the next Linux Worm. > > It would be more work to make a Linux virus or worm because the > designer would have to take care creating 2 programs as opposed to > one. > > What is being done to protect against this ? Are there any Linux > virus/ worm scanners for Debian? I don't see much of a use for such a thing. In the windows world, a virus scanner is merely a program that searching the contents of a disk for "fingerprints". It keeps these fingerprints in a database that must be periodically updated by the user. The only reason this is needed is that there are just so damn many Windows viruses. In the Linux world, it's much more reasonable to just write a one-shot scripts/programs to search for specific viruses/worms, since they're so uncommon. Since the virus/worm doesn't yet exist, we don't know what to look for. Once it exists, someone will figure out exactly what to look for to determine whether a host has been infected and write a scanner. You can also use a tool like AIDE or tripwire to monitor your disk for unexpected changes. That will catch most trouble right there. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpod2pACfkRt.pgp
Description: PGP signature