Re: debian and the malware problem

[Ron Johnson <ron.l.johnson@cox.net>]

On Sun, 2005-11-27 at 06:24 -0500, Edward J. Shornock wrote:
> On Thu, Nov 24, 2005 at 08:56:58AM -0500, Jude DaShiell wrote:
[snip] 
> 
> Unless something has changed _very_ recently, there shouldn't be *any*
> spyware that can infect Linux systems as happens in the world of
> Windows...

Rootkits and worms come immediately to mind.

What's to stop such malware (which, if it exploits the "right" bug),
from installing a keylogger (since, remember it's a *root* kit),
and sending everything someone types thru port 80 to some site in
Romania?

Or grabbing your /etc/shadow, and doing a dictionary attack to get
root and user passwords so as to log in via ssh, and do mischief?

Daemon minimalism, firewall maximalism & strong passwords are the
sine qua non of security, but you're still vulnerable, especially
if you then do something stupid like turn around and run old, buggy
versions of PHP, libc6, etc, etc.

-- 
-----------------------------------------------------------------
Ron Johnson, Jr.
Jefferson, LA USA

"That doctrine of peace at any price has done more mischief than
any I can well recall that have been afloat in this country. It
has occasioned more wars than any of the most ruthless
conquerors. It has disturbed and nearly destroyed that political
equilibrium so necessary to the liberties and the welfare of the
world."
Benjamin Disraeli