>From everything that I have found so far, this is a proof-of-concept
virus that has not been found anywhere in the wild yet. No one is coming
out and saying it, but I think that this Anti-Virus company, (which I
have never heard of before) Central Command, is responsible for it's
creation. They are also responsible for all of the information about it.
I think that it is a scare tactic. Also, just to reiterate, don't run
unknown programs as root.
Kenny
Benjamin Scott wrote:
>
> On Wed, 28 Mar 2001, David Roberts wrote:
> > Have any of you seen this one? It seems it can infect both M$ and Linux
> > systems.
>
> From what I've read:
>
> The infector appears to have two implementations, one for Win32/i386, one
> for Linux/i386. Both infectors can infect files on both platforms. It does
> not work on non-i386 platforms. There is no other payload. The infection
> pattern is to scan all files in the current directory, and to ascend into
> parent directories. It does not desend into children of parents. It does not
> bypass system security restrictions, limiting damage on Linux or WinNT systems
> with sensible file permissions.
>
> The thing I am unclear on is whether it has the capability of modifying raw
> ext2 filesystems. If not, then the only way it can spread from a Win32 to a
> Linux system is via a network mount, or a third-party Win32 ext2 driver.
>
> Anyone else have more info on this?
>
> > Sorry for the BCC's, but I wasn't sure all of you wanted your
> > email addresses propagated ...
>
> For which I thank you! I get enough spam as it is... :-)
>
> --
> Ben Scott <[EMAIL PROTECTED]>
> | The opinions expressed in this message are those of the author and do not |
> | necessarily represent the views or policy of any other person, entity or |
> | organization. All information is provided without warranty of any kind. |
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
