[ILUG-BOM] Viruses Anyone?

Rony gnulinuxist at gmail.com
Sun Dec 2 20:09:19 IST 2007

jtd wrote:
> Besides sourceforge and similar repos don't care what's on the server. 
> You have to do the verification by checking the sigs. Debian uses md5 
> hashes in a Release file and gpg for signing the Release file. u can 
> therefore be reasonably sure that what u download is ok. Similar 
> schemes should exist for other distros too.
This virus does not reach the stage of executing after download. As soon 
as you click on the download link, instead of the file download 
beginning, the system goes into a reboot. It has got infected. On 
reboot, it brings in the bigger payload which causes irreversible damage 
as it reboots every time an admin command is run. If the net is shut off 
just before the system boots again, the bigger payload is kept away and 
the system can be restored to an earlier clean period. This is something 
very recent so I was wondering if there has been some major attack on 
the web servers.

Why does Linux save a .exe file as .exe.bin in the vfat partition when 
downloading directly from Firefox? Is that an indication of the attacks 
or is it normal?
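
The Release-file scheme mentioned in the quoted reply, sketched as an added example that is not part of the original thread: it checks a downloaded index against the checksum sections of a Release file. It assumes the gpg signature on the Release file was already verified separately; the sample data, path and function names are constructed for illustration.

```python
import hashlib

# Constructed sample data: an index file and a Release file that lists it.
PACKAGES = b"Package: hello\nVersion: 2.10-3\n"

def build_release(payload: bytes, path: str) -> str:
    """Build a minimal Release-style text listing one file (constructed sample)."""
    md5 = hashlib.md5(payload).hexdigest()
    sha = hashlib.sha256(payload).hexdigest()
    return (
        "Origin: Example\nSuite: stable\n"
        f"MD5Sum:\n {md5} {len(payload)} {path}\n"
        f"SHA256:\n {sha} {len(payload)} {path}\n"
    )

def parse_release(text: str) -> dict:
    """Return {algo: {path: (hexdigest, size)}} from the checksum sections."""
    algos = {"MD5Sum": "md5", "SHA256": "sha256"}
    table, current = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and current:
            # Entry lines are indented: "<digest> <size> <relative path>"
            digest, size, path = line.split()
            table[current][path] = (digest.lower(), int(size))
        else:
            # Any other line starts a new field; track only checksum fields.
            current = algos.get(line.split(":", 1)[0])
            if current:
                table.setdefault(current, {})
    return table

def verify(release_text: str, path: str, data: bytes) -> bool:
    """Check data against the strongest digest the Release file lists for path."""
    table = parse_release(release_text)
    for algo in ("sha256", "md5"):  # prefer SHA256, fall back to MD5
        entry = table.get(algo, {}).get(path)
        if entry:
            digest, size = entry
            return len(data) == size and hashlib.new(algo, data).hexdigest() == digest
    return False  # a file the Release does not list is rejected

RELEASE = build_release(PACKAGES, "main/binary-i386/Packages")

if __name__ == "__main__":
    print(verify(RELEASE, "main/binary-i386/Packages", PACKAGES))
    print(verify(RELEASE, "main/binary-i386/Packages", PACKAGES + b"x"))
```

The hash comparison only means something once the Release file itself is trusted, which is what the gpg signature provides.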



