LinuxQuestions.org


SuSE_User 02-02-2004 06:23 PM

MyDoom Virus
 
I was just wondering... I hope this question isn't stupid but whatever. Does the new MyDoom virus going around affect Linux OS distributions? I heard that Linux is much less susceptible to viruses. So answers?

teval 02-02-2004 06:26 PM

Viruses have to be designed specially to be cross platform or just for Linux.
MyDoom to my knowledge isn't (not sure how it works though).

I think it's just another one of those Outlook exploiting viruses, which unless you run Outlook won't affect you.

heema 02-02-2004 06:55 PM

No, Linux isn't affected by the virus, it's TheirDoom, not ours :)
This is one of the privileges of using Linux.

r_jensen11 02-02-2004 07:07 PM

I'm pissed off. Yahoo filtered it out. They didn't filter out beagel, but they filter out mydoom? If anyone has a copy of this in their email, could you please send it to me (compressed, like a .bz2 or .gz)? Compression seems to throw off email virus protection, at least for our type of compression. Who needs .zip anyway? :p

I just want to see the coding, and see what makes it tick and everything. If you have any questions about my motives, search for "Bagel virus" or "beagel virus" and you'll be sure to get my thread about it.

questionasker 02-02-2004 08:02 PM

I didn't get it.
I heard it was supposed to attack SCO, then Microsoft.
I wouldn't mind helping the venture along, if it didn't mess with my comp.

I think it sent a server request or something like that to SCO's website every millisecond. They shut the site down pretty quick.

At least that's what I heard.

I'd like a copy too.

Greyweather 02-02-2004 08:30 PM

"I think it's just another one of those Outlook exploiting viruses, which unless you run Outlook won't affect you."

It doesn't need to be Outlook (though Outlook is probably more effective as a vector for this virus). It's an attachment and anyone who runs that attachment will infect their computer. By "anyone" I of course mean Windows users, as it is a Windows executable, and it can't run on Linux, BSD, Mac, etc under normal circumstances.

r_jensen11 02-02-2004 09:16 PM

Here's the lowdown, since I've been reading up on the virii lately:

MyDoom only infects Windows computers. I'm guessing that it's because it's like Beagel, where it affected the system's registry. For that reason, it only affects Windows computers directly. However, it also uses those computers to perform DenialOfService attacks on SCO's website, and starting Feb. 3, it's going to go after Microsoft's website. For all infected computers, it looks through their addressbook for Outlook, because it doesn't affect Mozilla, and Netscape is based off of Mozilla. Anywho, it then goes and sends copies of itself to all people listed in the address book. But then again, it could also send itself to all people in your Yahoo account too, I'm not too sure on that aspect. If it's smarter, like Beagel, then it'll rename its attachment each time, using random characters, whenever it sends itself out to other email addresses.

J_Szucs 02-02-2004 10:41 PM

Hi r_jensen the 11th,

Virii sent :-)

I see that mydoom is very clever since it makes use of the stupidity of some system administrators who configure their mail servers to return the whole mail to the sender when the recipient mailbox is non-existing.
Mydoom simply sends itself with a spoofed sender address to a non-existing recipient at such a badly-configured mail server, which will then stupidly return the WHOLE MAIL (with the virus) to the spoofed sender.
This way the virus can completely hide the actual sender, and the final recipient will receive the virus in a real "undeliverable" message from a mailer-daemon.

I also see that some began to "manually" help mydoom to spread, as once I got mydoom via a non-existing mail address uristen(at)menny.hu ("god(at)heaven.hu"). If a virus needs a non-existing mailbox address, it will probably not scan your computer for non-existing addresses :-), but generate a random one or slightly modify an existing one, but, in no case will it invent a non-existent mail address that makes sense (is funny) in Hungarian.
I could still find out from the mail header that the virus was originally sent by an adsl user at axelero.hu, but axelero's customer service was not very eager to investigate the matter, though they could possibly catch someone who is actively and intentionally participating in spreading the virus.
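The bounce behaviour described in the post above, shown from the receiving side as an added example that is not part of the original thread: a non-delivery report that embeds the whole original message carries its attachment back to the forged sender, while a headers-only report does not. All addresses, the file name, the extension list and the function names are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed list of attachment extensions to flag (illustrative, not from the thread).
RISKY_EXT = (".exe", ".pif", ".scr", ".cmd", ".bat", ".zip")

def build_bounce(full_copy: bool) -> bytes:
    """Constructed sample NDR for a forged sender and a non-existent recipient."""
    original = EmailMessage()
    original["From"] = "spoofed.sender@example.org"   # forged sender address
    original["To"] = "no.such.user@example.net"       # mailbox does not exist
    original["Subject"] = "hello"
    original.set_content("See attachment.")
    original.add_attachment(b"placeholder bytes, not an executable",
                            maintype="application", subtype="octet-stream",
                            filename="document.pif")
    bounce = EmailMessage()
    bounce["From"] = "MAILER-DAEMON@example.net"
    bounce["To"] = "spoofed.sender@example.org"
    bounce["Subject"] = "Undeliverable mail"
    bounce.set_content("550 user unknown: no.such.user@example.net")
    if full_copy:
        # Misconfigured server: returns the WHOLE mail as message/rfc822.
        bounce.add_attachment(original)
    else:
        # Safer server: returns only the original's top-level headers.
        headers = "".join(f"{k}: {v}\n" for k, v in original.items())
        bounce.add_attachment(headers, subtype="rfc822-headers")
    return bounce.as_bytes()

def returned_attachments(raw: bytes) -> list:
    """Names of risky attachments found inside a message embedded in a bounce."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "message/rfc822":
            continue
        # walk() descends into the embedded original and all of its parts.
        for inner in part.walk():
            name = inner.get_filename()
            if name and name.lower().endswith(RISKY_EXT):
                found.append(name)
    return found

if __name__ == "__main__":
    print("full-copy bounce:   ", returned_attachments(build_bounce(True)))
    print("headers-only bounce:", returned_attachments(build_bounce(False)))
```
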

r_jensen11 02-03-2004 03:58 PM

J_Szucs, I did not receive the message. Could you send it to r_jensen11<at>yahoo<dot>com please? And in case I didn't say anything before about compression, could you please compress it via bz2, gz, or tar? I know that bz2 works, because that's how I sent beagel to one of my accounts to see if it would pass the filter.

Joey.Dale 02-03-2004 04:04 PM

If you could send it to me as well at joey.dale@elkenserver.net

thank you
-Joey

Vlad_M 02-03-2004 04:59 PM

I have plenty of this in my inbox. If someone wants it please email me personally (vladATwebmailDOTcoDOTza) and I'll mail it to you tomorrow from work.

r_jensen11 02-03-2004 05:32 PM

vlad, the main thing with the virus is that if you want to send it to someone so they can look at it without it getting filtered out, you'll have to download it somehow, then compress it, then send it to the person. You can't just forward the message, because now the email providers are filtering it out.

Squall 02-03-2004 05:59 PM

kind of funny...
 
My Computer
My Documents
My (illegally downloaded) Music
My Pictures
My Doom- will launch a DoS against SCO and MicroSoft.com

Vlad_M 02-03-2004 06:06 PM

Quote:

Originally posted by r_jensen11
vlad, the main thing with the virus is that if you want to send it to someone so they can look at it without it getting filtered out, you'll have to download it somehow, then compress it, then send it to the person. You can't just forward the message, because now the email providers are filtering it out.
Yeah, I know. They are on my machine though, so I just have to tar the attachment and send it like that. In case that the other people still didn't send it to you just email me and I'll send it tomorrow (well, today, technically! I better go get some sleep!!!)

TheOneAndOnlySM 02-03-2004 06:16 PM

eh, another virus; heard many analysts say that this could be one of the worst ones known...

anyway, like stated before, virii for linux are not effective unless designed to attack something common between all types of operating systems (like just screwing the kernel) or are designed to attack linux directly

what saves linux from destruction even if a virus is made for linux is the very effective permissions system; unless you are careless with your system and browse the web a good deal whilst logged in as root, then virii are not likely to do damage to the system but may corrupt things that the user has permission to modify (normally only stuff in /home/user)

unless a virus can find a way to bypass the permissions and use some raw writing technique to "scratch" the hard disk (as in, bypass the permissions and actually burn those holes along the disk), then the virus can't do too much damage

there has actually been an experiment to demonstrate this concept

*actually, what would really prevent the cracking of the permissions system?


All times are GMT -5.