Why Linux viruses are unlikely

In order for an e-mail virus to propagate, it must be able to:

1. Enter the target machine
2. Execute on the target machine
3. Propagate itself

Linux makes steps 2 and 3 very difficult.

Social Engineering to Enable Execution

Under Windows, a file is marked as "executable" based on its filename extension (.exe, .com, .scr, etc.). Encoding metadata (like file type) into the file name is a very bad idea and has horrendous security consequences. Encoding metadata in this way allows for the simple-minded social-engineering attacks we see on Windows: "Click here for a cool screensaver!!!"

Such an attack under Linux would go like this: "Save this file; open up a shell; enable execute permissions on the file by typing 'chmod a+x filename', and then run it by typing './filename'."

Obviously, the Linux permissions system makes such a social-engineering attack very difficult.
sudo iptables -A OUTPUT -d 184.108.40.206 -j DROP
ping -c 5 220.127.116.11
ping: sendmsg: Operation not permitted
sudo iptables -L
sudo iptables -D OUTPUT -d 18.104.22.168 -j DROP
BackDoor.Wirenet.1

Added to the virus database Dr.Web: 21/08/2012
Inserted 22/08/2012

Trojan backdoor that can run on Linux and MacOS X. Has keylogger functionality, can steal passwords typed by the user in the browsers Opera, Firefox, Chrome, Chromium, and passwords from applications such as Thunderbird, SeaMonkey, Pidgin.

When executed, it copies itself to the user's home directory.
In MacOS: folder %home%/WIFIADAPT.app.app
In Linux: in ~/WIFIADAPT

Establishes a connection to a remote command center at 22.214.171.124.

Uses a check connections using encryption algorithm Advanced Encryption Standard (AES).
Anti-virus software from Doctor Web successfully detects and removes the backdoor, so the threat does not pose a serious danger to systems protected by Dr.Web for Mac OS X and Dr.Web for Linux.
"It's not clear yet how the Trojan, which was added to the Dr.Web virus database as BackDoor.Wirenet.1, spreads.
Link to Gareth's Blog
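
A defensive check built from the two drop locations named in the Dr.Web description above (~/WIFIADAPT on Linux, WIFIADAPT.app.app in the home folder on Mac OS X). This is an added example, not part of any post in this thread and not Dr.Web's tooling; the function names scan_home and scan_passwd are hypothetical.

```shell
#!/bin/sh
# Added example: look in every account's home directory for the file names
# the Dr.Web write-up gives for BackDoor.Wirenet.1.
# scan_home / scan_passwd are hypothetical helper names.

# scan_home DIR: print "<state><TAB><path>" for each artifact found in DIR.
scan_home() {
    home=$1
    for name in WIFIADAPT WIFIADAPT.app.app; do
        path="$home/$name"
        # -e follows symlinks; -L also reports a dangling symlink.
        if [ -e "$path" ] || [ -L "$path" ]; then
            # A regular file with the execute bit set is the runnable copy;
            # anything else (directory, bundle, non-executable file) is
            # still reported so it can be examined.
            if [ -f "$path" ] && [ -x "$path" ]; then
                state="executable"
            else
                state="present"
            fi
            printf '%s\t%s\n' "$state" "$path"
        fi
    done
}

# scan_passwd FILE: scan each distinct home directory (field 6) listed in a
# passwd-format file. Homes that do not exist on disk are skipped.
scan_passwd() {
    cut -d: -f6 "$1" | sort -u | while IFS= read -r home; do
        if [ -n "$home" ] && [ -d "$home" ]; then
            scan_home "$home"
        fi
    done
    return 0
}

# Default run: local accounts from /etc/passwd. On Mac OS X most accounts are
# not listed there, so call scan_home on each directory under /Users instead.
if [ -r /etc/passwd ]; then
    scan_passwd /etc/passwd
fi
```

No output means neither name was found; a hit is a lead for closer examination of that account, and a clean result does not rule out a copy stored under a different name.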