On Thu, 2009-02-19 at 15:11 -0700, Alaín Ramírez González wrote: > Creo que algo bastante interesante, esta creando un rumor un poco > ruidoso en inter, ahora estoy haciendo unas pruebas a ver que pasa con > ellas. Lo que quiero es que le echen un ojo y me digan que creen de > esto, otra cosa, lean los post de los usuarios que tiene algunas cosas mas.
>From http://ubuntulinuxtipstricks.blogspot.com Some guy wrote How To Write a Linux Virus in 5 Easy Steps, but he's wrong. What he describes is not a virus; it is a trojan. And he calls himself a geek! Let me start by saying that "malware" and "badware" are two commonly used umbrella terms for these types of software. It is a trojan because it relies entirely upon social engineering to install and run. Remember the Trojan Horse? The Greeks claimed the horse was a gift for the Trojans. It turned out to be hiding a bunch of armed men. This is the same thing. The malware claims to be something innocuous which the user might enjoy or believes is necessary. The user is thus tricked into installing it. That trickery? That's the social engineering. It's the same trickery the Greeks used. The user installs and maybe executes the malware. Since there was both trickery and user intervention, it is a trojan. A worm does not require user intervention. A worm will often (as in the case of Blaster) use a remote exploit to infect the host machine. It will then procreate and attack any other machines it can reach. It thus spreads completely on its own. Worms do not need to piggyback onto other files like trojans and viruses do. They exist in their own right and behave independently of pretty much all else. And then there's the generic virus. Viruses do usually require user intervention to spread, but they don't involve social engineering like a trojan does. Viruses will often infect innocuous files which are then shared without the sharer knowing that they are handing a virus to the other person. In the case of a trojan, the sender usually knows exactly what they're doing. The file being infected by the virus does not turn into a trojan by virtue of being infected. It is simply an infected file, possibly an infected program. Drive-by downloads are a bit confusing. Is it a trojan or a virus? It sort of depends on the site. If it's an attack site, you'll usually receive an email or IM with a link. Then there's some social engineering involved, and you did follow directions by going to the site, but the fact that you don't have to manually install something claiming to be safe puts it in the virus category for me. If it's a usually-safe site that happens to have been infected, then there's no grey area. That's a virus. K? So, let's stop calling every bit of malware we find "a virus," because that's just not right. We have words for the different types of malware. Let's use them. > -- Amaury Pupo Meriño Centro de Inmunología Molecular (CIM) Cuba. Linux user #394752 Phone: 2717933 (219) ***************************** Mice LOVE Bioinformatics ;-) ***************************** _______________________________________________ Cancelar suscripción https://listas.softwarelibre.cu/mailman/listinfo/linux-l Buscar en el archivo http://listas.softwarelibre.cu/buscar/linux-l
