Re: [masq] 1st WORM in Linux ?

Ingo Molnar (
Fri, 7 Feb 1997 22:41:17 +0100 (MET)

On Fri, 7 Feb 1997, Nathan Bryant wrote:

[original text slightly edited]

> I do agree that McAfee could be clearer about the threat. Their press
> release leaves some important questions unanswered, such as how the Bliss
> worm enters the system in the first placce. Is some FTP site
> distributing troian copies of Doom?

well, generally, a worm can enter the system from anywhere. If you use
unauthenticated binary-only stuff, then the threat is everywhere. And if
you download Doom from smaller web sites, it might happen that there is
some custom code waiting in it.

thats why you should stay mostly source-only packages, like lynx (Netscape
is a nice piece of code, waiting to be used for funnies).

if you need binary-only stuff, maybe you should use RedHat 4.1 with PAM,
rpm signatures and TripWire ? under Linux you can be as paranoid as you
want ;)

-- mingo