Re: adobe pdf virus
Rick, Thats it then, I always hate it when I lock myself in and have to crawl out a window. And it sounds like you're having a better day already. Ronnie On Thursday 09 August 2001 07:18, you wrote: On Wednesday 08 August 2001 08:19 pm, you wrote: Rick, I've been playing since 83. The only rant I've read in this thread is yours. If you push your bed against the wall you cant fall out on the wrong side. Hope you have a better day tomorrow. Ronnie On Wednesday 08 August 2001 14:56, you wrote: Ronnie How long have you been in this computer world. Well the virus stuff has been with us since the 80s and it will stay with us. What we all need to do is protect ourselves the best we can. Backup systems and other important data. This ranting is tiresome and it takes up the band width. If you must have aconversation, great how about offline. Thanks and you all have a great day. Rick Sivernell Dallas, Texas 75287 972 306-2296 [EMAIL PROTECTED] Caldera Open Linux eWorkStation 3.1 Registered Linux User ? ? ? ? .~. ? ? ? ?/ v \ ? ? ? /( _ )\ ? ? ? ? ^ ^ In Linux we trust! ___ Ronnie What the heck you mean about walls, you have walls, I just have padded area all around me so I don't hurt myself. -- Ronnie == Life can be a dream; or it can be a nightmare it's all in your mind ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
On Thursday 09 August 2001 09:42 am, you wrote: Rick, Thats it then, I always hate it when I lock myself in and have to crawl out a window. And it sounds like you're having a better day already. Ronnie On Thursday 09 August 2001 07:18, you wrote: On Wednesday 08 August 2001 08:19 pm, you wrote: Rick, I've been playing since 83. The only rant I've read in this thread is yours. If you push your bed against the wall you cant fall out on the wrong side. Hope you have a better day tomorrow. Ronnie On Wednesday 08 August 2001 14:56, you wrote: Ronnie How long have you been in this computer world. Well the virus stuff has been with us since the 80s and it will stay with us. What we all need to do is protect ourselves the best we can. Backup systems and other important data. This ranting is tiresome and it takes up the band width. If you must have aconversation, great how about offline. Thanks and you all have a great day. Rick Sivernell Dallas, Texas 75287 972 306-2296 [EMAIL PROTECTED] Caldera Open Linux eWorkStation 3.1 Registered Linux User ? ? ? ? .~. ? ? ? ?/ v \ ? ? ? /( _ )\ ? ? ? ? ^ ^ In Linux we trust! ___ Ronnie What the heck you mean about walls, you have walls, I just have padded area all around me so I don't hurt myself. Actually everyday is a great day, I alive and kicking, able to get around while being round . Hell life is great. -- Rick Sivernell Dallas, Texas 75287 972 306-2296 [EMAIL PROTECTED] Caldera Open Linux eWorkStation 3.1 Registered Linux User ? ? ? ? .~. ? ? ? ?/ v \ ? ? ? /( _ )\ ? ? ? ? ^ ^ In Linux we trust! ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
I think so, AFAIK, ms products run pdf's without challenge. I have acrobat 5 and it opens fully when I click a pdf file. I use pdf's quite a bit and it concerns me that if this gets more work and wider spread that anyone with acrobat will be extremely vulnerable to a system attack. Also that its possible that with more work that even on the linux side someone could get code to execute when the plugin is run to open the pdf file. Ronnie On Tuesday 07 August 2001 20:56, you wrote: it uses the PDF extension only so that file association could get the script executed...right? Ronnie Gauthier wrote: not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users -- Ronnie == Life can be a dream; or it can be a nightmare it's all in your mind ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
According to what I just read, http://www.zdnet.com/zdnn/stories/news/0,4586,5095366,00.html?chkpt=zdnnp1tp02 it only affects the full version, not Acrobat Reader. But it's interesting that Using PDF bypasses the filters in newer versions of Outlook that ordinarily screen out VBScript files. Regards, Tim Ronnie Gauthier wrote: I think so, AFAIK, ms products run pdf's without challenge. I have acrobat 5 and it opens fully when I click a pdf file. I use pdf's quite a bit and it concerns me that if this gets more work and wider spread that anyone with acrobat will be extremely vulnerable to a system attack. Also that its possible that with more work that even on the linux side someone could get code to execute when the plugin is run to open the pdf file. Ronnie On Tuesday 07 August 2001 20:56, you wrote: it uses the PDF extension only so that file association could get the script executed...right? Ronnie Gauthier wrote: not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
Quoting Ronnie Gauthier [EMAIL PROTECTED]: I think so, AFAIK, ms products run pdf's without challenge. I have acrobat 5 and it opens fully when I click a pdf file. I use pdf's quite a bit and it concerns me that if this gets more work and wider spread that anyone with acrobat will be extremely vulnerable to a system attack. Also that its possible that with more work that even on the linux side someone could get code to execute when the plugin is run to open the pdf file. The worst you could do is bung up your user...as long as you aren't surfing as root. Hence the repetitive cautions of many listgoers to newbies (not saying you're one) not to surf as root. However, this is apparently only an Acrobat (creator not reader) issue. -- Linux SxS [http://members.home.net/linuxsteps/ ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
i don't quite understand this logic. i can see where you don't want to reload if you get a virus, BUT if i get a linux virus and it deletes everything in my home. i'm gonna lose everything that is important. i can reload my workstation and setup the firewalls and such. i dont want to lose my important stuff. i understand from a server standpoint, but everyone saysno big deal, you'll only lose whats in your user id, well thats the important stuff to me. i just burn it to a cd as a backup. anyway my 0.02c steve thompson Ian Marchak wrote: Quoting Ronnie Gauthier [EMAIL PROTECTED]: I think so, AFAIK, ms products run pdf's without challenge. I have acrobat 5 and it opens fully when I click a pdf file. I use pdf's quite a bit and it concerns me that if this gets more work and wider spread that anyone with acrobat will be extremely vulnerable to a system attack. Also that its possible that with more work that even on the linux side someone could get code to execute when the plugin is run to open the pdf file. The worst you could do is bung up your user...as long as you aren't surfing as root. Hence the repetitive cautions of many listgoers to newbies (not saying you're one) not to surf as root. However, this is apparently only an Acrobat (creator not reader) issue. -- Linux SxS [http://members.home.net/linuxsteps/ ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
Steve Thompson - UG wrote: i don't quite understand this logic. i can see where you don't want to reload if you get a virus, BUT if i get a linux virus and it deletes everything in my home. i'm gonna lose everything that is important. i can reload my workstation and setup the firewalls and such. i dont want to lose my important stuff. i understand from a server standpoint, but everyone saysno big deal, you'll only lose whats in your user id, well thats the important stuff to me. i just burn it to a cd as a backup. anyway my 0.02c Two things you can do to protect what's in your home directory: set u=r so that if you try to delete the file you're asked if you really want to. if you're using ext2 (won't work with reiserfs) as root, use chattr and set the i (impermeable) attribute. Now, even root can't delete this file -- it's impermeable. Ciao, David A. Bandel -- Focus on the dream, not the competition. -- Nemesis Racing Team motto ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
Actually, the way I read this, the script is embedded in the PDF. Not clear on whether it only works with Acrobat full, or if it works in Reader, but you just have to double-click the link instead of just clicking. At 09:56 AM 8/8/01 +0800, you wrote: it uses the PDF extension only so that file association could get the script executed...right? Ronnie Gauthier wrote: not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users Stuart Biggerstaff Linda Hall Library 5109 Cherry Kansas City, MO 64110 Phone: (816) 926-8748 (800) 662-1545 x748 FAX:(816) 926-8785 URL:www.lindahall.org ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
On Wed, Aug 08, 2001 at 09:08:17AM -0400, Steve Thompson - UG wrote: i don't quite understand this logic. i can see where you don't want to reload if you get a virus, BUT if i get a linux virus and it deletes everything in my home. i'm gonna lose everything that is important. i can reload my workstation and setup the firewalls and such. i dont want to lose my important stuff. i understand from a server standpoint, but everyone saysno big deal, you'll only lose whats in your user id, well thats the important stuff to me. i just burn it to a cd as a backup. anyway my 0.02c If one is truly paranoid about dealing with things like this, it's easy enough to set up a user on the system specifically for internet use, and do all browsing as that user. It's even easy to do using ssh. ``ssh -l safeuser -f opera'' will start up opera running as safeuser in safeuser's home directory. This way only things under that home directory is vulnerable. Of course no security is worth a damn if one doesn't have good verified backups. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ A man full of faith is simply one who has lost (or never had) the capacity for clear and realistic thought. He is not a mere ass; he is actually ill. Worse, he is incurable. H.L. Mencken ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
Not so far...but the ability of PDFs and Acrobat to do something like this means we can't look at PDFs as innocuous. I mean most people have felt nearly as safe opening a PDF to see what it is as a text file. At 10:13 AM 8/8/01 -0500, Jim Conner wrote: The way I read this is that it needs Acrobat full it will not work with Acrobat Reader. Since Acrobat full isn't ported to Linux, we are immune. Also, it will need MS Outlook and a way to run a vbs script. Only Windows systems that have Acrobat full and MS Outlook installed will be vulnerable. This doesn't seem to be a new linux virus. Jim Stuart Biggerstaff Linda Hall Library 5109 Cherry Kansas City, MO 64110 Phone: (816) 926-8748 (800) 662-1545 x748 FAX:(816) 926-8785 URL:www.lindahall.org ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
The article reference that was posted here (yesterday?) said it does ^^not^^ work in Acrobat Reader - only in the full Acrobat program. FWIW Regards, Glenn On Wednesday 08 August 2001 09:00 am, Stuart Biggerstaff observed: Actually, the way I read this, the script is embedded in the PDF. Not clear on whether it only works with Acrobat full, or if it works in Reader, but you just have to double-click the link instead of just clicking. At 09:56 AM 8/8/01 +0800, you wrote: it uses the PDF extension only so that file association could get the script executed...right? Ronnie Gauthier wrote: not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users Stuart Biggerstaff Linda Hall Library 5109 Cherry Kansas City, MO 64110 Phone: (816) 926-8748 (800) 662-1545 x748 FAX:(816) 926-8785 URL:www.lindahall.org ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users -- Glenn Williams - [EMAIL PROTECTED] Registered Linux User # 135678 Powered by SuSE 7.2 ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
Rick, I've been playing since 83. The only rant I've read in this thread is yours. If you push your bed against the wall you cant fall out on the wrong side. Hope you have a better day tomorrow. Ronnie On Wednesday 08 August 2001 14:56, you wrote: Ronnie How long have you been in this computer world. Well the virus stuff has been with us since the 80s and it will stay with us. What we all need to do is protect ourselves the best we can. Backup systems and other important data. This ranting is tiresome and it takes up the band width. If you must have aconversation, great how about offline. Thanks and you all have a great day. Rick Sivernell Dallas, Texas 75287 972 306-2296 [EMAIL PROTECTED] Caldera Open Linux eWorkStation 3.1 Registered Linux User ? ? ? ? .~. ? ? ? ?/ v \ ? ? ? /( _ )\ ? ? ? ? ^ ^ In Linux we trust! ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users -- Ronnie == Life can be a dream; or it can be a nightmare it's all in your mind ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
that's why AIA is still in business. :) Of course no security is worth a damn if one doesn't have good verified backups. _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
adobe pdf virus
not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt -- Ronnie == Life can be a dream; or it can be a nightmare it's all in your mind ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users
Re: adobe pdf virus
it uses the PDF extension only so that file association could get the script executed...right? Ronnie Gauthier wrote: not sure if this is real but it sounds like it is. http://www.coderz.net/zulu/outlook.pdfworm.txt _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ___ http://linux.nf -- [EMAIL PROTECTED] Archives, Subscribe, Unsubscribe, Digest, Etc -http://linux.nf/mailman/listinfo/linux-users