> Dubbed the Linux.Slapper.Worm, it > exploits a buffer overflow vulnerability within OpenSSL, often used in > Apache Web servers. > > http://www.informationweek.com/story/IWK20020916S0001 >
Reading many of the headlines about this is interesting. One of the best was the information from Symantec, the new parents of Security Focus including the popular mailing list Bugtraq. Check out the "removal instructions" section from them: http://securityresponse.symantec.com/avcenter/venc/data/linux.slapper.worm.h tml I'm sure this procedure would work if this was on the Windows platform. It does not appear that Symantec is capable of handling things not MS related. Very poor and misleading information from a security company. It wasnt until the last day or so that they added a section at the bottom of the page with patch and actual information on what this worm does. Other headlines are calling this an Apache worm, a Linux worm, etc. somehow giving the impression that Linux or Apache itself is at fault and if you are running these, you are at risk. It is an OpenSSL bug. Linux is not a whole encompassing OS mixed with thousands of applications, servers, and configurations. Granted a hole is a hole but IMHO you have to report Unix/Linux problems a little differently then a boilerplate MS install. I guess my point is some security companies and reporters that have jumped on the Linux bandwagon are really clueless or maybe I just have a different opinion of what makes up a Linux installation. Sorry, just rambling on..
