Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
But I find very little information about the targeted platforms. Now, my question is very simple: could this be exploited on Linux in general, and OpenSuse 10.2 in particular?
Even though the actual ANI exploit is targeted at Win this doesn't mean a) the sources (the webservers being exploited for redirection) could well be GNU/Linux boxen that were exploited by holes in PHP apps (since that's still common enough, sadly). And b) it's only that Win is security-wise (and commercially speaking from certain types of crackers' POV) a way easier target compared to Lin.
Note I'm not trying to spread FUD here, just trying to balance things a bit. Because they get exploited today we shouldn't get smug and leave implementing precautionary measures to tomorrow.
I have always wanted to be able to download a Windows virus and install it on my Windows computer to see what happens, but I can never find a place to download them. It seems like you could use some of them for administrative purposes such as reformatting or shredding a drive.
<edit>I forgot you could download IE and Norton...;-)</edit>
Last edited by phantom_cyph; 06-20-2007 at 12:12 PM.
Just pointing out the SANS MPack analysis at http://isc.sans.org/diary.html?storyid=3015: "The Italian hosts responsible for most of the domains seen in a recent MPack attack are using cPanel, a Web administration tool for clients. A zero-day cPanel attack took place in the fall of 2006 leading up to the large scale vector mark-up language (VML) attacks at that time."
It's a M$ thing. Any server can host the IFRAME or other exploit (that's just markup in HTML, Javascript, etc.), but it's glass-jawed Windoze-only that gets whacked (again).
The lack of info as to what is affected in all the MPack reports I've read is starting to make me think they left it out on purpose (e.g., Hmmm... wonder if Linux is vulnerable too? Better check their article... [* increase appropriate website hit counter *] ).