How can Microsoft be proud to market this drivel !

[MICHAEL]

* Mr. Happy:
> MICHAEL wrote:
>
>>
>> * Alias:
>>> MICHAEL wrote:
>>>> * Alias:
>>>>> MICHAEL wrote:
>>>>>> * Alias:
>>>>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any
>>>>>>> other malware. http://www.ubuntu.com/
>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux RootKits For
>>>>>> Beginners - From Prevention to Removal
>>>>>>
>>>>>> One day while reading a mail list for the Linux Users Group in my hometown I
>>>>>> discovered a call for help. It was a posting from a novice Linux user with a
>>>>>> disturbing issue. While doing some routine checks on a Linux system, he found a
>>>>>> user that had been added to the system with the user id of 0 (root). His first
>>>>>> thought was that it might be a rootkit. He wanted to know what he could do to
>>>>>> verify it was a rootkit and how to remove it from the system. He further asked for
>>>>>> suggestions on preventative measures to ensure this kind of attack does not
>>>>>> reoccur. That situation prompted me to write this paper to an understanding of
>>>>>> rootkits and its effects. This paper will also discuss how to monitor for a
>>>>>> rootkit, and the steps that need to be taken to remove one.
>>>>>>
>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with one built-in. I
>>>>> would also recommend a router hard firewall.
>>>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>>>
>>>> You said "never", you were wrong.
>>>>
>>>> "Absolute truth" is for absolute fools.
>>>>
>>>>
>>>> -Michael
>>> Is there an echo in here?
>> Only the echoes of your foolish nonsense.
>>
>>> If one has Ubuntu that comes with a firewall
>> So does Vista.
>>
>>> and a router with a firewall how, pray tell, will anyone install a root kit?
>> You never stated that in your original reply.
>>
>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>
>> I see no mention of using additional security measures.
>>
>> Now you bring up the "ifs". If a Window user properly secures their machine, they will
>> not suffer from rootkits, either.
>>
>> Amazing that there are programs for Linux rootkit removal when there are no Linux machines
>> getting infected.
>>
>> Amazing such warnings, as the below, exist if no Linux users were being infected.
>>
>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html Severity: HIGH
>> Description: The Satori Linux Rootkit is a collection of publicly available Trojan
>> utilities that target Linux systems. It is also known as Linux Rootkit 4 and is
>> distributed by The Crackers Layer.
>
> Please, at least try and stay current. Linux Rootkit IV was released in November 26,
> 1998!!!! Really had to scratch around the Net to find one?
>
> http://www.ossec.net/rootkits/studies/lrk5.txt

My problem with Alias is that he spoke in absolute terms,
as if was impossible to for Linux to be infected by viruses,
trojans, worms, or rootkits... he was wrong.

The fact that there haven't been many major efforts at creating Linux worms
isn't proof that they are impossible.

http://www.ossec.net/rootkits/

http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
They may not have the infamy of Code Red and Nimda, but there are Linux viruses and worms in
the wild. Here are some of the more infamous pieces of malicious code that have a taste for Linux:

Slapper: The most dangerous Linux worm it's network-aware and in August 2002 it exploited a
flaw in OpenSSL libraries in Apache servers with OpenSSL enabled.

Bliss: Also a well-known bug, it infects ELF executables, locating binaries with write access
and overwrites those with its own code.

Lindose: A rare cross-platform scourge, able to jump Windows PE and Linux ELF executables. It's
a proof-of-concept worm and has not hit the wild.

Ramen: Not just a noodle, another network-aware worm jumping from Linux server to server.

Staog: Considered the first Linux virus, it infects ELF executables.

Typot: A Linux Trojan that does distributed port scanning, generating TCP packets
with a window size of 55808.
-------------------------
http://www.linuxquestions.org/questions/showthread.php?t=399624

http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0

http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0

 

[Jupiter Jones [MVP]]

Alias
You need to read my post again.
This time read the entire post instead of selectively.

Like I said...
What do you base your standard?

--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org


"Alias" <aka@maskedandanonymous.info> wrote in message
news:%23zRvVpyvHHA.4132@TK2MSFTNGP02.phx.gbl...
> Like I said, a double standard. If I defended Windows as much as
> Frank does, you wouldn't have said squat.
>
> Alias

 

[MICHAEL]

* Alias:
> MICHAEL wrote:
>> * Alias:
>>> Frank wrote:
>>>> Alias wrote:
>>>>
>>>>> Kerry Brown wrote:
>>>>>
>>>>>> "Alias" <aka@maskedandanonymous.info> wrote in message
>>>>>> news:u9nl1pvvHHA.3588@TK2MSFTNGP06.phx.gbl...
>>>>>>
>>>>>>> Back to the present. Use Ubuntu and never worry about a virus, root
>>>>>>> kit or any other malware. http://www.ubuntu.com/
>>>>>>>
>>>>>>> Alias
>>>>>> Where do you think the term "root kit" came from? Is there a root
>>>>>> user in Windows?
>>>>>>
>>>>> Hence the need for a firewall which Ubuntu provides. Oops.
>>>>>
>>>>> Alias
>>>> Oops...Oops...Oops...could you possibly shove your feet any further down
>>>> your throat?
>>> Um, I never said a firewall wasn't necessary and thinking about it isn't
>>> either being as it comes bundled with Ubuntu.
>> Vista also comes with a firewall.
>>
>>>> Try harder!
>>>> Oops!
>>>> You're a real side show freak.
>>>> Frank
>> I removed the your other remark about Frank,
>> you should remove the post.
>>
>> I would have thought such was not even possible from you.
>>
>>
>> -Michael
>
> Let's see. Frank lies about me and says I am a side show freak and a
> fugitive and you say nothing. I strike back and you have a hissy fit.

Little man, you are not worth any type of "fit".

It's simple, you crossed the line.

I'm done with you. No promises, just simple fact.


-Michael

 

[Mike Hall - MVP]

It is a concern for Windows users too.. it is possible for a Windows
computer to spread stuff in the same way, all without user knowledge.. this
is why we advocate the use of as much security as possible..

If a single system is infected and that is where it ends, it can be cleaned
out easily enough.. where a virus or trojan is designed to send out data
specifically to induce as many computers as possible to spew out endless
e-mails with a view to clogging up the internet and internal networks, that
is a very serious problem indeed, especially where it is happening on a
system platform that the user thinks is not affected by virus, trojan,
rootkits et al..


"norm" <noone@afakeddomain.net> wrote in message
news:eA$8qsyvHHA.4516@TK2MSFTNGP06.phx.gbl...
> Mike Hall - MVP wrote:
>> Alias
>>
>> You are way too smug regarding how safe you believe Linux/Unix to be..
>>
>> One of the articles below explains how a Linux system can be a virus
>> carrier without the user ever knowing.. this situation is every bit as
>> bad as a Windows system that has been breached.. the others are from
>> different years, but all alerting to the fact that Linux/Unix and MAC are
>> not 100% virus immune..
>>
>> I have yet to come across a 'true' Linux professional who would put their
>> name to the misleading claims made by you.. your anti-MS stance is
>> blinding you to the realities of ANY OS.. that makes you dangerous..
>
> I agree that the blind advocacy is harmful and that nothing is a 100%
> guaranteed, but in terms of having and using virus scanners and such on
> linux, there seems to be little concern about viruses/worms and other
> malware in terms of linux becoming infected, and doing any real damage to
> the os itself and then actually passing itself along. It seems more the
> issue of a linux user passing along unknowingly something that has no
> affect on linux but would be a problem with windows. An example might be
> any number of email transmitted viruses/worm malware that could be clicked
> all day or run through a linux machine without issue, but could be passed
> along on a forwarded email to do damage on a windows machine. In such a
> case, an anti-virus/anti-malware programs would not be a waste on linux. I
> know this is an oversimplification, but it seems to be a larger concern at
> this point, anyway.
>>
>>
>> "Alias" <aka@maskedandanonymous.info> wrote in message
>> news:eS2gVRwvHHA.3468@TK2MSFTNGP05.phx.gbl...
>>> Richard Urban wrote:
>>>> Alias doesn't know about the history of his operating system of choice
>>>> to know that rootkits were developed for Unix and are 100% effective in
>>>> Linux/Ubuntu.
>>>>
>>>
>>> Yet there are no reports of this possibility happening so go figure.
>>>
>>> Alias
>>
>
>
> --
> norm

--


Mike Hall
MS MVP Windows Shell/User
http://msmvps.com/blogs/mikehall/

 

[Frank]

Alias wrote:

> Frank wrote:
>
>> Alias wrote:
>>
>>> Frank wrote:
>>>
>>>> Alias wrote:
>>>>
>>>>> Frank wrote:
>>>>>
>>>>>> Alias wrote:
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Got proof? Didn't think so.
>>>>>>>
>>>>>>
>>>>>> ----------------------------------
>>>>>> Got proof it is? Didn't think so?
>>>>>> You're pathetic!
>>>>>> Frank
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Um, insults and a lack of reading comprehension on your part do not
>>>>> qualify as proof.
>>>>>
>>>>> Alias
>>>>
>>>>
>>>> --------------------------
>>>>
>>>> How stupid can one person be? hahaha...no need to ask. Hey butt
>>>> munch, prove your statement or STFU!
>>>> Frank
>>>
>>>
>>>
>>> Um, insults and a lack of reading comprehension on your part do not
>>> qualify as proof.
>>>
>>> Alias
>>
>>
>> Stop back pedaling bozo and just provide the proof...or else craw back
>> under that rock you keep coming out from under and stay there!
>> Frank
>
>
> You need to provide the proof, not me.
>
> Alias

Uhhh...are you dumber that dumb...you're the one making the
claim...prove it or look look the fool your really are.
Frank

 

[Frank]

Alias wrote:

> Frank wrote:
>
>> Alias wrote:
>>
>>
>>>
>>>
>>> Word has it that you're a pedophile.
>>
>>
>> ------------------------------------------------
>>
>> Sorry pal not my bag but it appears the guilt of your sins can't keep
>> your mouth shut, huh?
>> You are a admitted pedophile.
>> That's why you won't use your real name.
>> You've got wants & warrants out for you for molesting children in the
>> USA!
>> They tolerate that crap in spain?
>> I hope the parents or relatives of the kids you're molesting catch you
>> and beat your slim ball a*s to near death.
>> You are a real side show freak!
>> Pathetic...you're absolutely a pathetic human being!
>> Frank
>
>
> Projecting will get you nowhere.
>
> Alias

I only hope the authorities get you real soon, you sick POS!
Frank

 

[The poster formerly known as Nina DiBoy]

Mike Hall - MVP wrote:
> Unfortunately, Windows bigots are every bit as misleading as Linux bigots..
>
> The common denominator here is the term 'bigot'..
>
>
> "Alias" <aka@maskedandanonymous.info> wrote in message
> news:ueAguRwvHHA.3468@TK2MSFTNGP05.phx.gbl...
>

OIC, you are just as misleading as a linux bigot. Makes sense.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

Most recent idiotic quote added to KICK (Klassic Idiotic Caption Kooks):
"They hacked the Microsoft website to make it think a linux box was a
windows box. Thats called hacking. People who do hacking are called
hackers."

"Good poets borrow great poets steal."
- T. S. Eliot

 

[The poster formerly known as Nina DiBoy]

Adam Albright wrote:
> On Thu, 5 Jul 2007 09:35:52 -0400, "Richard Urban"
> <richardurbanREMOVETHIS@hotmail.com> wrote:
>
>> Alias will refuse to believe "any" of this. He has placed his head where the
>> sun doesn't shine.
>
> I don't take anything you say seriously and do wonder how you became a
> MVP since I haven't seen you demonstrate even minimal technical
> knowledge on any topic yet. Who are you trying to fool Richie?
>

His name is Dick.

--
Priceless quotes in m.p.w.vista.general group:
http://protectfreedom.tripod.com/kick.html

Most recent idiotic quote added to KICK (Klassic Idiotic Caption Kooks):
"They hacked the Microsoft website to make it think a linux box was a
windows box. Thats called hacking. People who do hacking are called
hackers."

"Good poets borrow great poets steal."
- T. S. Eliot

 

[Peter Foldes]

Obviously this (latest one on June 06 2007 below and many more only for Ubuntu alone and not counting all the other Linux flavors is not advertised by the Linux groups. But if you go to the Ubunto forum there is quite a few that got hit by this. Using Paypal will get you to the proper Linux support to fix the problem. Paypal is Linux's best friend. At the end what is cheaper and more reliable.

I have Red Hat installed and believe me it is not free to run even though it is a free download

There is nothing that is free today. The same goes for Linux. Have an issue and need a fix it will cost you money. What is cheaper to run, well,, hard to say. They are both about the same in costs one way or another
------------------------------------------------------------------------------------------------------------------------------------------------
Wed, 2007-06-27 00:01. usn
Referenced CVEs:
CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
Description:
=========================================================== Ubuntu Security Notice USN-477-1 June 26, 2007 krb5 vulnerabilities CVE-2007-2442, CVE-2007-2443, CVE-2007-2798 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libkadm55 1.4.3-5ubuntu0.4 Ubuntu 6.10: libkadm55 1.4.3-9ubuntu1.3 Ubuntu 7.04: libkadm55 1.4.4-5ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. (CVE-2007-2442) Wei Wang discovered that the krb5 RPC library did not correctly check the size of certain communications. A remote attacker could send a specially crafted request to kadmind and execute arbitrary code with root privileges. (CVE-2007-2443) It was discovered that the kadmind service could be made to overflow its stack. A remote attacker could send a specially crafted request and execute arbitrary code with root privileges. (CVE-2007-2798)

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"Alias" <aka@maskedandanonymous.info> wrote in message news:%23TkgeoxvHHA.2040@TK2MSFTNGP03.phx.gbl...
> Mike Hall - MVP wrote:
>> Because the user gives it permission, albeit unwittingly? How do you
>> think systems get infected?
>
> There are many ways that Windows boxes get infected.
>
>>
>> Re proof, two of us have provided reading material from Linux sources..
>> can you not read and comprehend them?
>
> Yeah, but no one case was sited.
>
> Alias, still waiting for proof, not theories.
>>
>>
>> "Alias" <aka@maskedandanonymous.info> wrote in message
>> news:uxAiWXxvHHA.4384@TK2MSFTNGP02.phx.gbl...
>>> MICHAEL wrote:
>>>>
>>>> * Alias:
>>>>> MICHAEL wrote:
>>>>>> * Alias:
>>>>>>> Back to the present. Use Ubuntu and never worry about a virus,
>>>>>>> root kit or any other
>>>>>>> malware. http://www.ubuntu.com/
>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php
>>>>>> Linux RootKits For Beginners - From Prevention to Removal
>>>>>>
>>>>>> One day while reading a mail list for the Linux Users Group in my
>>>>>> hometown I discovered a call
>>>>>> for help. It was a posting from a novice Linux user with a
>>>>>> disturbing issue. While doing some
>>>>>> routine checks on a Linux system, he found a user that had been
>>>>>> added to the system with the
>>>>>> user id of 0 (root). His first thought was that it might be a
>>>>>> rootkit. He wanted to know what
>>>>>> he could do to verify it was a rootkit and how to remove it from
>>>>>> the system. He further asked
>>>>>> for suggestions on preventative measures to ensure this kind of
>>>>>> attack does not reoccur. That
>>>>>> situation prompted me to write this paper to an understanding of
>>>>>> rootkits and its effects. This
>>>>>> paper will also discuss how to monitor for a rootkit, and the steps
>>>>>> that need to be taken to
>>>>>> remove one.
>>>>>>
>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with one
>>>>> built-in. I would also recommend a router hard firewall.
>>>>
>>>> "Use Ubuntu and never worry about a virus, root kit
>>>> or any other malware." -Alias
>>>>
>>>> You said "never", you were wrong.
>>>>
>>>> "Absolute truth" is for absolute fools.
>>>>
>>>>
>>>> -Michael
>>>
>>> Is there an echo in here? If one has Ubuntu that comes with a firewall
>>> and a router with a firewall how, pray tell, will anyone install a
>>> root kit?
>>>
>>> Alias
>>

 

[Stephan Rose]

On Thu, 05 Jul 2007 13:09:59 -0400, Mike Hall - MVP wrote:

> Look over yonder.. is that hell I see freezing over?
>
> I can just see whoever allowing us to open up a driver file for a two year
> old product and remove the part where is says 'XP only'.. or removing the OS
> specific identifier for a program that allows the burning of CDs.. far
> better we look online or on the racks of our favorite retailer for 'new'
> stuff..

I wasn't necessarily referring to older prodcuts. Brand new devices suffer
from the same problem, such as this very new HP Pavilion sitting on my
desk where I am right now messing with it to get the stupid Broadcom
wireless running since Broadcom absolutely refuses to release linux
drivers.

The thing about it is, they don't need to release drivers. They don't even
need to support any OS other than windows. A simple document that explains
how to communicate with their hardware would be enough...and people like
me wouldn't take their business elsewhere in the future.

I haven't gotten around to buying an Intel wireless card for this laptop
yet.

--
Stephan
2003 Yamaha R6

å›ã®ã“ã¨æ€ã„出ã™æ—¥ãªã‚“ã¦ãªã„ã®ã¯
å›ã®ã“ã¨å¿˜ã‚ŒãŸã¨ããŒãªã„ã‹ã‚‰

 

[Bill Yanaire]

Re: How can Microsoft be proud to market this drivel - Just FYI

Why would he want to like Microsoft alot better? Earth to Kevin: Windows
Server is for business users NOT for desktop users. If he has an issue with
Vista he can correct it. Just FYI. If it can't be corrected then he
should go back to XP. Just FYI. This isn't rocket science. Just FYI.

Your only help is, wipe out your system and install a Beta version of a
server product. Just FYI. Pretty smart there USPS boy. Just FYI. What
happens when the Beta expires? Just FYI.

Should he upgrade to the Server RTM and pay double for the software? Just
FYI.

How about antivirus? Just FYI. The server versions are more expensive
than the client versions. Just FYI.

Get a clue Kevin, Just FYI.

By the way, do I have enough FYI's for you? Just FYI.


"Kevin John Panzke" <kevpan815@hotmail.com> wrote in message
news:ey$H93xvHHA.5008@TK2MSFTNGP05.phx.gbl...
> Try Out Windows Server 2008 Beta 3 Public Beta, And You Will Like
> Microsoft A Whole Lot Better.
>
> "DanielN" <DanielN@discussions.microsoft.com> wrote in message
> news:1C18C11F-015D-40FC-86B6-3C2AF1A575A2@microsoft.com...
>> Hi People,
>>
>> I have been a computer engineer for around 7 years professionally with
>> around 7 years prior to that self teaching myself all I could about
>> Windows.
>> I am now MCP qualified and hopefully will soon be MCSA/MCSE/MCDBA/CCNA
>> qualified as well.
>>
>> I have used Vista only a couple of times although getting a very bad
>> feeling
>> about it having read many bad things and experiencing some worrying
>> things
>> like it takes more time for vista to spawn and animate the copying file
>> dialog then it does for say windows xp to even have copied the file
>> already.
>> this is only minor though.
>>
>> Today one of my customers who has a vista machine (I dont) got in touch
>> saying windows was bringing up an error saying that:
>>
>> 'Windows explorer has stopped working' and then 'Windows explorer is
>> restarting.'
>>
>> Now I know there is a virus/spyware/adware on it. cause i can see an icon
>> for counterfit antispyware.
>>
>> the problem is even if I go into safemode to clean it (remove program and
>> run scans of various kinds) which would have worked pretty much most of
>> the
>> time in previous versions of windows doesnt work cause you have the same
>> problem.
>>
>> i am getting the feeling MS have screwed up with Vista like they did with
>> Windows ME.
>>
>>
>> I am shocked that years down the line after ME and I am sure MS knew what
>> the score was with ME. They have managed to do it again. They should have
>> stuck with XP - perhaps brought out some addons/updates if they really
>> thought people were desperate for new stuff, and put in some serious work
>> into Vienna. I have heard that there were so many problems with Vista
>> they
>> enlisted the help of the Vienna development team to help fix stuff.
>> Obviously
>> there was to much to fix.
>>
>> Now I have had my little rant. Maybe MS will sort this.
>>
>> My advice demand Win XP Pro on new machines. Do not be told that u must
>> have
>> Vista cause it is the best around.
>>
>> Dan
>>
>> Ps. I have also had a customer have a problem authenticating with a WPA
>> encrypted wireless network as well. Which turned out to be an
>> incompatibility
>> between the wireless card and Vista even though the wireless card was
>> built
>> into the laptop and it had a logo saying it was certified for Vista, and
>> this
>> was a big OEM's laptop. So what hope is there!
>

 

[norm]

MICHAEL wrote:
>
> * Mr. Happy:
>> MICHAEL wrote:
>>
>>> * Alias:
>>>> MICHAEL wrote:
>>>>> * Alias:
>>>>>> MICHAEL wrote:
>>>>>>> * Alias:
>>>>>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any
>>>>>>>> other malware. http://www.ubuntu.com/
>>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux RootKits For
>>>>>>> Beginners - From Prevention to Removal
>>>>>>>
>>>>>>> One day while reading a mail list for the Linux Users Group in my hometown I
>>>>>>> discovered a call for help. It was a posting from a novice Linux user with a
>>>>>>> disturbing issue. While doing some routine checks on a Linux system, he found a
>>>>>>> user that had been added to the system with the user id of 0 (root). His first
>>>>>>> thought was that it might be a rootkit. He wanted to know what he could do to
>>>>>>> verify it was a rootkit and how to remove it from the system. He further asked for
>>>>>>> suggestions on preventative measures to ensure this kind of attack does not
>>>>>>> reoccur. That situation prompted me to write this paper to an understanding of
>>>>>>> rootkits and its effects. This paper will also discuss how to monitor for a
>>>>>>> rootkit, and the steps that need to be taken to remove one.
>>>>>>>
>>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with one built-in. I
>>>>>> would also recommend a router hard firewall.
>>>>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>>>>
>>>>> You said "never", you were wrong.
>>>>>
>>>>> "Absolute truth" is for absolute fools.
>>>>>
>>>>>
>>>>> -Michael
>>>> Is there an echo in here?
>>> Only the echoes of your foolish nonsense.
>>>
>>>> If one has Ubuntu that comes with a firewall
>>> So does Vista.
>>>
>>>> and a router with a firewall how, pray tell, will anyone install a root kit?
>>> You never stated that in your original reply.
>>>
>>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>>
>>> I see no mention of using additional security measures.
>>>
>>> Now you bring up the "ifs". If a Window user properly secures their machine, they will
>>> not suffer from rootkits, either.
>>>
>>> Amazing that there are programs for Linux rootkit removal when there are no Linux machines
>>> getting infected.
>>>
>>> Amazing such warnings, as the below, exist if no Linux users were being infected.
>>>
>>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html Severity: HIGH
>>> Description: The Satori Linux Rootkit is a collection of publicly available Trojan
>>> utilities that target Linux systems. It is also known as Linux Rootkit 4 and is
>>> distributed by The Crackers Layer.
>> Please, at least try and stay current. Linux Rootkit IV was released in November 26,
>> 1998!!!! Really had to scratch around the Net to find one?
>>
>> http://www.ossec.net/rootkits/studies/lrk5.txt
>
> My problem with Alias is that he spoke in absolute terms,
> as if was impossible to for Linux to be infected by viruses,
> trojans, worms, or rootkits... he was wrong.
>
> The fact that there haven't been many major efforts at creating Linux worms
> isn't proof that they are impossible.
>
> http://www.ossec.net/rootkits/
>
> http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
> They may not have the infamy of Code Red and Nimda, but there are Linux viruses and worms in
> the wild. Here are some of the more infamous pieces of malicious code that have a taste for Linux:

Your point is well taken (and should be by everyone), but in reading the
info you provided below, one would think the world was falling in on
linux. That is not exactly the case, and is not the case now.
>
> Slapper: The most dangerous Linux worm it's network-aware and in August 2002 it exploited a
> flaw in OpenSSL libraries in Apache servers with OpenSSL enabled.
http://news.com.com/2100-1001-958758.html
A Linux worm that started spreading a week ago has reached a plateau
after infecting about 7,000 servers and turning the hosts into a
peer-to-peer network that could be used to attack other computers.
Known as Linux.Slapper.Worm, Slapper and Apache/mod_ssl, the worm's
spread has fallen far short of the biggest attackers in recent times.
For example, Code Red infected 400,000 servers last summer. And
according to the "National Strategy to Secure Cyberspace," the Nimda
virus compromised 86,000 systems last fall.
Perhaps most telling, security experts are already talking about Slapper
in the past tense.
"I thought it was very interesting, but it didn't do terribly much,"
said Roger Thompson, director of malicious code research at security
services company TruSecure.
>
> Bliss: Also a well-known bug, it infects ELF executables, locating binaries with write access
> and overwrites those with its own code.
http://en.wikipedia.org/wiki/Bliss_(virus)
Bliss is a computer virus that infects GNU/Linux systems. Its source
code was posted on a Usenet usergroup by its author on February 5, 1997.
When executed, it attempts to attach itself to Linux executable files,
to which regular users do not have access. This prevents the executables
from running, so users notice it immediately. Although it was probably
intended to prove that Linux can be infected, it does not propagate very
effectively because of the structure of Linux's user privilege system.
The Bliss virus never became widespread, and remains chiefly a research
curiosity.
When the Bliss virus was released, antivirus software vendors put out a
number of press releases about it. The claim was that since a "Linux
virus" existed, Linux users should buy antivirus software. Linux users
generally do not use antivirus software, except on servers that serve
files to Windows clients.
It writes a neat log of all its actions to /tmp/.bliss and even has a
--bliss-uninfect-files-please command line option that sometimes might
come in handy, and actually does what it promises.
>
> Lindose: A rare cross-platform scourge, able to jump Windows PE and Linux ELF executables. It's
> a proof-of-concept worm and has not hit the wild.
http://www.viruslist.com/en/viruses/encyclopedia?virusid=57567
Virus.Multi.Pelf.2132
Aliases
Virus.Multi.Pelf.2132 (Kaspersky Lab) is also known as: Pelf.2132
(Kaspersky Lab), Linux/Lindose (McAfee), W32.Peelf.2132 (Symantec),
Win32/Linux.Benny.2132 (Doctor Web), Linux/Lindose (Sophos),
Linux/Lindose.2132.A (RAV), ELF_LINDOSE.A (Trend Micro), W32/Winux
(H+BEDV), Unix/Lindose (FRISK), Win32:Lindose (ALWIL),
Win32/Lindose (Grisoft), Linux.PEELF.2132 (SOFTWIN), W32.Winux
(ClamAV), ELF/Winux.2784 (Panda), Elf/Lindose.2132 (Eset)
Description added Mar 28 2001
Behavior Virus
Technical details
(aka Lindose)
This is a harmless non-memory resident parasitic multipartite virus. It
infects Windows executable files as well as Linux ones (Windows PE files
and Linux ELF files).
The virus is written in Assembler, and is about 2.5 Kb in size. It does
not manifest itself in any way, and it is like a multiplatform
Windows-Linux virus concept.
>
> Ramen: Not just a noodle, another network-aware worm jumping from Linux server to server.
http://www.ciac.org/ciac/bulletins/l-040.shtml
L-040: The Ramen Worm
February 2, 2001 21:00 GMT
PROBLEM: A Linux worm named 'Ramen' has been detected in the wild. CIAC
has had reports of compromised systems and numerous scans.
PLATFORM: Redhat Linux 6.2 and 7.0
DAMAGE: Ramen automatically attacks all vulnerable systems it can find.
Intruders can gain root access to vulnerable systems.
SOLUTION: This worm exploits known vulnerabilities in wu-ftpd, LPRng,
and rpc.statd. These services should be patched immediately. Patches are
available from Red Hat.
VULNERABILITY
ASSESSMENT: The risk is HIGH - The worm is in the wild and is being
actively used to exploit vulnerable systems.
CIAC, CERT, and others are receiving reports of systems compromised by
the Ramen Worm. The worm is in the wild and performs fully automated
breakins to vulnerable systems. As it is fully automated, it continues
to attack systems until all running copies are found and stopped.
Rebooting systems does not stop the worm as it installs code to
automatically restart itself after a reboot.
The binaries contained in the worm are specific to Linux 6.2 and 7.0.
However, someone with access to the source code for the binaries could
recompile them under other versions of UNIX to attack other platforms.
As far as we know, the source code for the binaries is not yet in the wild.
>
> Staog: Considered the first Linux virus, it infects ELF executables.
http://en.wikipedia.org/wiki/Staog
Staog was the first computer virus written for the Linux operating
system. It was discovered in the fall of 1996, and the vulnerabilities
that it exploited were shored up soon after. It has not been detected in
the wild since its initial outbreak.
Staog was able to infect Linux despite its security-oriented design
which requires users and programs to login as root before any drastic
operations can be taken. It worked by exploiting some kernel
vulnerabilities to stay resident. Then, it would infect executed binaries.
Since it relied on fundamental bugs, software upgrades made systems
immune to Staog. This, combined with its shot in the dark method of
transmitting itself, ensured that it died off rather quickly.
>
> Typot: A Linux Trojan that does distributed port scanning, generating TCP packets
> with a window size of 55808.
http://www.symantec.com/security_response/writeup.jsp?docid=2003-062018-4739-99
Trojan.Linux.Typot
Risk Level 1: Very Low
Discovered: June 20, 2003
Updated: February 13, 2007 12:02:46 PM
Also Known As: 55808, Stumbler
Type: Trojan Horse
Systems Affected: Linux
Trojan.Linux.Typot is a Trojan Horse that affects Linux systems. It
generates TCP packets with a window size of 55,808.
Protection
* Initial Rapid Release version June 23, 2003
* Latest Rapid Release version June 23, 2003
* Initial Daily Certified version June 23, 2003
* Latest Daily Certified version June 23, 2003
* Initial Weekly Certified release date June 25, 2003
Click here for a more detailed description of Rapid Release and Daily
Certified virus definitions.
Threat Assessment
Wild
* Wild Level: Low
* Number of Infections: 0 - 49
* Number of Sites: 0 - 2
* Geographical Distribution: Low
* Threat Containment: Easy
* Removal: Easy
Damage
* Damage Level: Low
Distribution
* Distribution Level: Low

> -------------------------
> http://www.linuxquestions.org/questions/showthread.php?t=399624
>
> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>
> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0


--
norm

 

[Mike]

> Alias doesn't know

Nuff Said.

Mike

 

[Steve]

"Richard Urban" <richardurbanREMOVETHIS@hotmail.com> wrote:
>Using your thinking we should have stayed with Windows 3.1 because people
>didn't hardly ever get any viruses using that system.

ahhh, the good old days before the registry, when you could actually
fix stuff by editing .ini files, and programs didn't spray files all
over the place...


--

Whenever I dwell for any length of time on my own shortcomings,
they gradually begin to seem mild, harmless, rather engaging little things,
not at all like the staring defects in other people's characters.

....Margaret Halsey

 

[Frank]

norm wrote:
> MICHAEL wrote:
>
>>
>> * Mr. Happy:
>>
>>> MICHAEL wrote:
>>>
>>>> * Alias:
>>>>
>>>>> MICHAEL wrote:
>>>>>
>>>>>> * Alias:
>>>>>>
>>>>>>> MICHAEL wrote:
>>>>>>>
>>>>>>>> * Alias:
>>>>>>>>
>>>>>>>>> Back to the present. Use Ubuntu and never worry about a virus,
>>>>>>>>> root kit or any other malware. http://www.ubuntu.com/
>>>>>>>>
>>>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux
>>>>>>>> RootKits For Beginners - From Prevention to Removal
>>>>>>>>
>>>>>>>> One day while reading a mail list for the Linux Users Group in
>>>>>>>> my hometown I discovered a call for help. It was a posting from
>>>>>>>> a novice Linux user with a disturbing issue. While doing some
>>>>>>>> routine checks on a Linux system, he found a user that had been
>>>>>>>> added to the system with the user id of 0 (root). His first
>>>>>>>> thought was that it might be a rootkit. He wanted to know what
>>>>>>>> he could do to verify it was a rootkit and how to remove it from
>>>>>>>> the system. He further asked for
>>>>>>>> suggestions on preventative measures to ensure this kind of
>>>>>>>> attack does not reoccur. That situation prompted me to write
>>>>>>>> this paper to an understanding of rootkits and its effects. This
>>>>>>>> paper will also discuss how to monitor for a rootkit, and the
>>>>>>>> steps that need to be taken to remove one.
>>>>>>>>
>>>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with
>>>>>>> one built-in. I would also recommend a router hard firewall.
>>>>>>
>>>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>>>> malware." -Alias
>>>>>>
>>>>>> You said "never", you were wrong.
>>>>>>
>>>>>> "Absolute truth" is for absolute fools.
>>>>>>
>>>>>>
>>>>>> -Michael
>>>>>
>>>>> Is there an echo in here?
>>>>
>>>> Only the echoes of your foolish nonsense.
>>>>
>>>>> If one has Ubuntu that comes with a firewall
>>>>
>>>> So does Vista.
>>>>
>>>>> and a router with a firewall how, pray tell, will anyone install a
>>>>> root kit?
>>>>
>>>> You never stated that in your original reply.
>>>>
>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>> malware." -Alias
>>>>
>>>> I see no mention of using additional security measures.
>>>>
>>>> Now you bring up the "ifs". If a Window user properly secures their
>>>> machine, they will not suffer from rootkits, either.
>>>>
>>>> Amazing that there are programs for Linux rootkit removal when there
>>>> are no Linux machines
>>>> getting infected.
>>>>
>>>> Amazing such warnings, as the below, exist if no Linux users were
>>>> being infected.
>>>>
>>>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html
>>>> Severity: HIGH Description: The Satori Linux Rootkit is a collection
>>>> of publicly available Trojan utilities that target Linux systems. It
>>>> is also known as Linux Rootkit 4 and is distributed by The Crackers
>>>> Layer.
>>>
>>> Please, at least try and stay current. Linux Rootkit IV was released
>>> in November 26, 1998!!!! Really had to scratch around the Net to find
>>> one?
>>>
>>> http://www.ossec.net/rootkits/studies/lrk5.txt
>>
>>
>> My problem with Alias is that he spoke in absolute terms,
>> as if was impossible to for Linux to be infected by viruses,
>> trojans, worms, or rootkits... he was wrong.
>>
>> The fact that there haven't been many major efforts at creating Linux
>> worms
>> isn't proof that they are impossible.
>>
>> http://www.ossec.net/rootkits/
>>
>> http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
>>
>> They may not have the infamy of Code Red and Nimda, but there are
>> Linux viruses and worms in
>> the wild. Here are some of the more infamous pieces of malicious code
>> that have a taste for Linux:
>
>
> Your point is well taken (and should be by everyone), but in reading the
> info you provided below, one would think the world was falling in on
> linux. That is not exactly the case, and is not the case now.
>
>>
>> Slapper: The most dangerous Linux worm it's network-aware and in
>> August 2002 it exploited a
>> flaw in OpenSSL libraries in Apache servers with OpenSSL enabled.
>
> http://news.com.com/2100-1001-958758.html
> A Linux worm that started spreading a week ago has reached a plateau
> after infecting about 7,000 servers and turning the hosts into a
> peer-to-peer network that could be used to attack other computers.
> Known as Linux.Slapper.Worm, Slapper and Apache/mod_ssl, the worm's
> spread has fallen far short of the biggest attackers in recent times.
> For example, Code Red infected 400,000 servers last summer. And
> according to the "National Strategy to Secure Cyberspace," the Nimda
> virus compromised 86,000 systems last fall.
> Perhaps most telling, security experts are already talking about Slapper
> in the past tense.
> "I thought it was very interesting, but it didn't do terribly much,"
> said Roger Thompson, director of malicious code research at security
> services company TruSecure.
>
>>
>> Bliss: Also a well-known bug, it infects ELF executables, locating
>> binaries with write access
>> and overwrites those with its own code.
>
> http://en.wikipedia.org/wiki/Bliss_(virus)
> Bliss is a computer virus that infects GNU/Linux systems. Its source
> code was posted on a Usenet usergroup by its author on February 5, 1997.
> When executed, it attempts to attach itself to Linux executable files,
> to which regular users do not have access. This prevents the executables
> from running, so users notice it immediately. Although it was probably
> intended to prove that Linux can be infected, it does not propagate very
> effectively because of the structure of Linux's user privilege system.
> The Bliss virus never became widespread, and remains chiefly a research
> curiosity.
> When the Bliss virus was released, antivirus software vendors put out a
> number of press releases about it. The claim was that since a "Linux
> virus" existed, Linux users should buy antivirus software. Linux users
> generally do not use antivirus software, except on servers that serve
> files to Windows clients.
> It writes a neat log of all its actions to /tmp/.bliss and even has a
> --bliss-uninfect-files-please command line option that sometimes might
> come in handy, and actually does what it promises.
>
>>
>> Lindose: A rare cross-platform scourge, able to jump Windows PE and
>> Linux ELF executables. It's
>> a proof-of-concept worm and has not hit the wild.
>
> http://www.viruslist.com/en/viruses/encyclopedia?virusid=57567
> Virus.Multi.Pelf.2132
> Aliases
> Virus.Multi.Pelf.2132 (Kaspersky Lab) is also known as: Pelf.2132
> (Kaspersky Lab), Linux/Lindose (McAfee), W32.Peelf.2132 (Symantec),
> Win32/Linux.Benny.2132 (Doctor Web), Linux/Lindose (Sophos),
> Linux/Lindose.2132.A (RAV), ELF_LINDOSE.A (Trend Micro), W32/Winux
> (H+BEDV), Unix/Lindose (FRISK), Win32:Lindose (ALWIL), Win32/Lindose
> (Grisoft), Linux.PEELF.2132 (SOFTWIN), W32.Winux (ClamAV),
> ELF/Winux.2784 (Panda), Elf/Lindose.2132 (Eset)
> Description added Mar 28 2001
> Behavior Virus
> Technical details
> (aka Lindose)
> This is a harmless non-memory resident parasitic multipartite virus. It
> infects Windows executable files as well as Linux ones (Windows PE files
> and Linux ELF files).
> The virus is written in Assembler, and is about 2.5 Kb in size. It does
> not manifest itself in any way, and it is like a multiplatform
> Windows-Linux virus concept.
>
>>
>> Ramen: Not just a noodle, another network-aware worm jumping from
>> Linux server to server.
>
> http://www.ciac.org/ciac/bulletins/l-040.shtml
> L-040: The Ramen Worm
> February 2, 2001 21:00 GMT
> PROBLEM: A Linux worm named 'Ramen' has been detected in the wild.
> CIAC has had reports of compromised systems and numerous scans.
> PLATFORM: Redhat Linux 6.2 and 7.0
> DAMAGE: Ramen automatically attacks all vulnerable systems it can
> find. Intruders can gain root access to vulnerable systems.
> SOLUTION: This worm exploits known vulnerabilities in wu-ftpd,
> LPRng, and rpc.statd. These services should be patched immediately.
> Patches are available from Red Hat.
> VULNERABILITY
> ASSESSMENT: The risk is HIGH - The worm is in the wild and is being
> actively used to exploit vulnerable systems.
> CIAC, CERT, and others are receiving reports of systems compromised by
> the Ramen Worm. The worm is in the wild and performs fully automated
> breakins to vulnerable systems. As it is fully automated, it continues
> to attack systems until all running copies are found and stopped.
> Rebooting systems does not stop the worm as it installs code to
> automatically restart itself after a reboot.
> The binaries contained in the worm are specific to Linux 6.2 and 7.0.
> However, someone with access to the source code for the binaries could
> recompile them under other versions of UNIX to attack other platforms.
> As far as we know, the source code for the binaries is not yet in the wild.
>
>>
>> Staog: Considered the first Linux virus, it infects ELF executables.
>
> http://en.wikipedia.org/wiki/Staog
> Staog was the first computer virus written for the Linux operating
> system. It was discovered in the fall of 1996, and the vulnerabilities
> that it exploited were shored up soon after. It has not been detected in
> the wild since its initial outbreak.
> Staog was able to infect Linux despite its security-oriented design
> which requires users and programs to login as root before any drastic
> operations can be taken. It worked by exploiting some kernel
> vulnerabilities to stay resident. Then, it would infect executed binaries.
> Since it relied on fundamental bugs, software upgrades made systems
> immune to Staog. This, combined with its shot in the dark method of
> transmitting itself, ensured that it died off rather quickly.
>
>>
>> Typot: A Linux Trojan that does distributed port scanning, generating
>> TCP packets
>> with a window size of 55808.
>
> http://www.symantec.com/security_response/writeup.jsp?docid=2003-062018-4739-99
>
> Trojan.Linux.Typot
> Risk Level 1: Very Low
> Discovered: June 20, 2003
> Updated: February 13, 2007 12:02:46 PM
> Also Known As: 55808, Stumbler
> Type: Trojan Horse
> Systems Affected: Linux
> Trojan.Linux.Typot is a Trojan Horse that affects Linux systems. It
> generates TCP packets with a window size of 55,808.
> Protection
> * Initial Rapid Release version June 23, 2003
> * Latest Rapid Release version June 23, 2003
> * Initial Daily Certified version June 23, 2003
> * Latest Daily Certified version June 23, 2003
> * Initial Weekly Certified release date June 25, 2003
> Click here for a more detailed description of Rapid Release and Daily
> Certified virus definitions.
> Threat Assessment
> Wild
> * Wild Level: Low
> * Number of Infections: 0 - 49
> * Number of Sites: 0 - 2
> * Geographical Distribution: Low
> * Threat Containment: Easy
> * Removal: Easy
> Damage
> * Damage Level: Low
> Distribution
> * Distribution Level: Low
>
>> -------------------------
>> http://www.linuxquestions.org/questions/showthread.php?t=399624
>>
>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>
>>
>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>
>
>
>
Well, so much for that lying bs story from alias about linux boxes never
being infected.
But we all knew that was not true anyway.
Thanks norm!
Frank

 

[Alias]

Peter Foldes wrote:
> Obviously this (latest one on June 06 2007 below and many more only for Ubuntu alone and not counting all the other Linux flavors is not advertised by the Linux groups. But if you go to the Ubunto forum there is quite a few that got hit by this. Using Paypal will get you to the proper Linux support to fix the problem. Paypal is Linux's best friend. At the end what is cheaper and more reliable.
>
> I have Red Hat installed and believe me it is not free to run even though it is a free download
>
> There is nothing that is free today. The same goes for Linux. Have an issue and need a fix it will cost you money. What is cheaper to run, well,, hard to say. They are both about the same in costs one way or another
> ------------------------------------------------------------------------------------------------------------------------------------------------
> Wed, 2007-06-27 00:01. usn
> Referenced CVEs:
> CVE-2007-2442, CVE-2007-2443, CVE-2007-2798
> Description:
> =========================================================== Ubuntu Security Notice USN-477-1 June 26, 2007 krb5 vulnerabilities CVE-2007-2442, CVE-2007-2443, CVE-2007-2798 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libkadm55 1.4.3-5ubuntu0.4 Ubuntu 6.10: libkadm55 1.4.3-9ubuntu1.3 Ubuntu 7.04: libkadm55 1.4.4-5ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root priv
ileges. (CVE-2007-2442) Wei Wang discovered that the krb5 RPC library did not correctly check the size of certain communications. A remote attacker could send a specially crafted request to kadmind and execute arbitrary code with root privileges. (CVE-2007-2443) It was discovered that the kadmind service could be made to overflow its stack. A remote attacker could send a specially crafted request and execute arbitrary code with root privileges. (CVE-2007-2798)
>

Good reason to keep Ubuntu updated. Fortunately, that is an easy and
obvious thing to do.

Alias

 

[Alias]

Frank wrote:
> norm wrote:
>> MICHAEL wrote:
>>
>>>
>>> * Mr. Happy:
>>>
>>>> MICHAEL wrote:
>>>>
>>>>> * Alias:
>>>>>
>>>>>> MICHAEL wrote:
>>>>>>
>>>>>>> * Alias:
>>>>>>>
>>>>>>>> MICHAEL wrote:
>>>>>>>>
>>>>>>>>> * Alias:
>>>>>>>>>
>>>>>>>>>> Back to the present. Use Ubuntu and never worry about a virus,
>>>>>>>>>> root kit or any other malware. http://www.ubuntu.com/
>>>>>>>>>
>>>>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php
>>>>>>>>> Linux RootKits For Beginners - From Prevention to Removal
>>>>>>>>>
>>>>>>>>> One day while reading a mail list for the Linux Users Group in
>>>>>>>>> my hometown I discovered a call for help. It was a posting from
>>>>>>>>> a novice Linux user with a disturbing issue. While doing some
>>>>>>>>> routine checks on a Linux system, he found a user that had been
>>>>>>>>> added to the system with the user id of 0 (root). His first
>>>>>>>>> thought was that it might be a rootkit. He wanted to know what
>>>>>>>>> he could do to verify it was a rootkit and how to remove it
>>>>>>>>> from the system. He further asked for
>>>>>>>>> suggestions on preventative measures to ensure this kind of
>>>>>>>>> attack does not reoccur. That situation prompted me to write
>>>>>>>>> this paper to an understanding of rootkits and its effects.
>>>>>>>>> This paper will also discuss how to monitor for a rootkit, and
>>>>>>>>> the steps that need to be taken to remove one.
>>>>>>>>>
>>>>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with
>>>>>>>> one built-in. I would also recommend a router hard firewall.
>>>>>>>
>>>>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>>>>> malware." -Alias
>>>>>>>
>>>>>>> You said "never", you were wrong.
>>>>>>>
>>>>>>> "Absolute truth" is for absolute fools.
>>>>>>>
>>>>>>>
>>>>>>> -Michael
>>>>>>
>>>>>> Is there an echo in here?
>>>>>
>>>>> Only the echoes of your foolish nonsense.
>>>>>
>>>>>> If one has Ubuntu that comes with a firewall
>>>>>
>>>>> So does Vista.
>>>>>
>>>>>> and a router with a firewall how, pray tell, will anyone install a
>>>>>> root kit?
>>>>>
>>>>> You never stated that in your original reply.
>>>>>
>>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>>> malware." -Alias
>>>>>
>>>>> I see no mention of using additional security measures.
>>>>>
>>>>> Now you bring up the "ifs". If a Window user properly secures
>>>>> their machine, they will not suffer from rootkits, either.
>>>>>
>>>>> Amazing that there are programs for Linux rootkit removal when
>>>>> there are no Linux machines
>>>>> getting infected.
>>>>>
>>>>> Amazing such warnings, as the below, exist if no Linux users were
>>>>> being infected.
>>>>>
>>>>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html
>>>>> Severity: HIGH Description: The Satori Linux Rootkit is a
>>>>> collection of publicly available Trojan utilities that target Linux
>>>>> systems. It is also known as Linux Rootkit 4 and is distributed by
>>>>> The Crackers Layer.
>>>>
>>>> Please, at least try and stay current. Linux Rootkit IV was released
>>>> in November 26, 1998!!!! Really had to scratch around the Net to
>>>> find one?
>>>>
>>>> http://www.ossec.net/rootkits/studies/lrk5.txt
>>>
>>>
>>> My problem with Alias is that he spoke in absolute terms,
>>> as if was impossible to for Linux to be infected by viruses,
>>> trojans, worms, or rootkits... he was wrong.
>>>
>>> The fact that there haven't been many major efforts at creating Linux
>>> worms
>>> isn't proof that they are impossible.
>>>
>>> http://www.ossec.net/rootkits/
>>>
>>> http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
>>>
>>> They may not have the infamy of Code Red and Nimda, but there are
>>> Linux viruses and worms in
>>> the wild. Here are some of the more infamous pieces of malicious code
>>> that have a taste for Linux:
>>
>>
>> Your point is well taken (and should be by everyone), but in reading
>> the info you provided below, one would think the world was falling in
>> on linux. That is not exactly the case, and is not the case now.
>>
>>>
>>> Slapper: The most dangerous Linux worm it's network-aware and in
>>> August 2002 it exploited a
>>> flaw in OpenSSL libraries in Apache servers with OpenSSL enabled.
>>
>> http://news.com.com/2100-1001-958758.html
>> A Linux worm that started spreading a week ago has reached a plateau
>> after infecting about 7,000 servers and turning the hosts into a
>> peer-to-peer network that could be used to attack other computers.
>> Known as Linux.Slapper.Worm, Slapper and Apache/mod_ssl, the worm's
>> spread has fallen far short of the biggest attackers in recent times.
>> For example, Code Red infected 400,000 servers last summer. And
>> according to the "National Strategy to Secure Cyberspace," the Nimda
>> virus compromised 86,000 systems last fall.
>> Perhaps most telling, security experts are already talking about
>> Slapper in the past tense.
>> "I thought it was very interesting, but it didn't do terribly much,"
>> said Roger Thompson, director of malicious code research at security
>> services company TruSecure.
>>
>>>
>>> Bliss: Also a well-known bug, it infects ELF executables, locating
>>> binaries with write access
>>> and overwrites those with its own code.
>>
>> http://en.wikipedia.org/wiki/Bliss_(virus)
>> Bliss is a computer virus that infects GNU/Linux systems. Its source
>> code was posted on a Usenet usergroup by its author on February 5,
>> 1997. When executed, it attempts to attach itself to Linux executable
>> files, to which regular users do not have access. This prevents the
>> executables from running, so users notice it immediately. Although it
>> was probably intended to prove that Linux can be infected, it does not
>> propagate very effectively because of the structure of Linux's user
>> privilege system. The Bliss virus never became widespread, and remains
>> chiefly a research curiosity.
>> When the Bliss virus was released, antivirus software vendors put out
>> a number of press releases about it. The claim was that since a "Linux
>> virus" existed, Linux users should buy antivirus software. Linux users
>> generally do not use antivirus software, except on servers that serve
>> files to Windows clients.
>> It writes a neat log of all its actions to /tmp/.bliss and even has a
>> --bliss-uninfect-files-please command line option that sometimes might
>> come in handy, and actually does what it promises.
>>
>>>
>>> Lindose: A rare cross-platform scourge, able to jump Windows PE and
>>> Linux ELF executables. It's
>>> a proof-of-concept worm and has not hit the wild.
>>
>> http://www.viruslist.com/en/viruses/encyclopedia?virusid=57567
>> Virus.Multi.Pelf.2132
>> Aliases
>> Virus.Multi.Pelf.2132 (Kaspersky Lab) is also known as: Pelf.2132
>> (Kaspersky Lab), Linux/Lindose (McAfee), W32.Peelf.2132 (Symantec),
>> Win32/Linux.Benny.2132 (Doctor Web), Linux/Lindose (Sophos),
>> Linux/Lindose.2132.A (RAV), ELF_LINDOSE.A (Trend Micro), W32/Winux
>> (H+BEDV), Unix/Lindose (FRISK), Win32:Lindose (ALWIL),
>> Win32/Lindose (Grisoft), Linux.PEELF.2132 (SOFTWIN), W32.Winux
>> (ClamAV), ELF/Winux.2784 (Panda), Elf/Lindose.2132 (Eset)
>> Description added Mar 28 2001
>> Behavior Virus
>> Technical details
>> (aka Lindose)
>> This is a harmless non-memory resident parasitic multipartite virus.
>> It infects Windows executable files as well as Linux ones (Windows PE
>> files and Linux ELF files).
>> The virus is written in Assembler, and is about 2.5 Kb in size. It
>> does not manifest itself in any way, and it is like a multiplatform
>> Windows-Linux virus concept.
>>
>>>
>>> Ramen: Not just a noodle, another network-aware worm jumping from
>>> Linux server to server.
>>
>> http://www.ciac.org/ciac/bulletins/l-040.shtml
>> L-040: The Ramen Worm
>> February 2, 2001 21:00 GMT
>> PROBLEM: A Linux worm named 'Ramen' has been detected in the wild.
>> CIAC has had reports of compromised systems and numerous scans.
>> PLATFORM: Redhat Linux 6.2 and 7.0
>> DAMAGE: Ramen automatically attacks all vulnerable systems it can
>> find. Intruders can gain root access to vulnerable systems.
>> SOLUTION: This worm exploits known vulnerabilities in wu-ftpd,
>> LPRng, and rpc.statd. These services should be patched immediately.
>> Patches are available from Red Hat.
>> VULNERABILITY
>> ASSESSMENT: The risk is HIGH - The worm is in the wild and is
>> being actively used to exploit vulnerable systems.
>> CIAC, CERT, and others are receiving reports of systems compromised by
>> the Ramen Worm. The worm is in the wild and performs fully automated
>> breakins to vulnerable systems. As it is fully automated, it continues
>> to attack systems until all running copies are found and stopped.
>> Rebooting systems does not stop the worm as it installs code to
>> automatically restart itself after a reboot.
>> The binaries contained in the worm are specific to Linux 6.2 and 7.0.
>> However, someone with access to the source code for the binaries could
>> recompile them under other versions of UNIX to attack other platforms.
>> As far as we know, the source code for the binaries is not yet in the
>> wild.
>>
>>>
>>> Staog: Considered the first Linux virus, it infects ELF executables.
>>
>> http://en.wikipedia.org/wiki/Staog
>> Staog was the first computer virus written for the Linux operating
>> system. It was discovered in the fall of 1996, and the vulnerabilities
>> that it exploited were shored up soon after. It has not been detected
>> in the wild since its initial outbreak.
>> Staog was able to infect Linux despite its security-oriented design
>> which requires users and programs to login as root before any drastic
>> operations can be taken. It worked by exploiting some kernel
>> vulnerabilities to stay resident. Then, it would infect executed
>> binaries.
>> Since it relied on fundamental bugs, software upgrades made systems
>> immune to Staog. This, combined with its shot in the dark method of
>> transmitting itself, ensured that it died off rather quickly.
>>
>>>
>>> Typot: A Linux Trojan that does distributed port scanning, generating
>>> TCP packets
>>> with a window size of 55808.
>>
>> http://www.symantec.com/security_response/writeup.jsp?docid=2003-062018-4739-99
>>
>> Trojan.Linux.Typot
>> Risk Level 1: Very Low
>> Discovered: June 20, 2003
>> Updated: February 13, 2007 12:02:46 PM
>> Also Known As: 55808, Stumbler
>> Type: Trojan Horse
>> Systems Affected: Linux
>> Trojan.Linux.Typot is a Trojan Horse that affects Linux systems. It
>> generates TCP packets with a window size of 55,808.
>> Protection
>> * Initial Rapid Release version June 23, 2003
>> * Latest Rapid Release version June 23, 2003
>> * Initial Daily Certified version June 23, 2003
>> * Latest Daily Certified version June 23, 2003
>> * Initial Weekly Certified release date June 25, 2003
>> Click here for a more detailed description of Rapid Release and Daily
>> Certified virus definitions.
>> Threat Assessment
>> Wild
>> * Wild Level: Low
>> * Number of Infections: 0 - 49
>> * Number of Sites: 0 - 2
>> * Geographical Distribution: Low
>> * Threat Containment: Easy
>> * Removal: Easy
>> Damage
>> * Damage Level: Low
>> Distribution
>> * Distribution Level: Low
>>
>>> -------------------------
>>> http://www.linuxquestions.org/questions/showthread.php?t=399624
>>>
>>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>>
>>>
>>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>>
>>
>>
>>
> Well, so much for that lying bs story from alias about linux boxes never
> being infected.
> But we all knew that was not true anyway.
> Thanks norm!
> Frank

No proof has been offered here, only possibilities. Fact is you're much
safer with a Linux box than a Windows box hands down.

Alias

 

[Frank]

Alias wrote:
> Frank wrote:
>
>> norm wrote:
>>
>>> MICHAEL wrote:
>>>
>>>>
>>>> * Mr. Happy:
>>>>
>>>>> MICHAEL wrote:
>>>>>
>>>>>> * Alias:
>>>>>>
>>>>>>> MICHAEL wrote:
>>>>>>>
>>>>>>>> * Alias:
>>>>>>>>
>>>>>>>>> MICHAEL wrote:
>>>>>>>>>
>>>>>>>>>> * Alias:
>>>>>>>>>>
>>>>>>>>>>> Back to the present. Use Ubuntu and never worry about a
>>>>>>>>>>> virus, root kit or any other malware. http://www.ubuntu.com/
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php
>>>>>>>>>> Linux RootKits For Beginners - From Prevention to Removal
>>>>>>>>>>
>>>>>>>>>> One day while reading a mail list for the Linux Users Group in
>>>>>>>>>> my hometown I discovered a call for help. It was a posting
>>>>>>>>>> from a novice Linux user with a disturbing issue. While doing
>>>>>>>>>> some routine checks on a Linux system, he found a user that
>>>>>>>>>> had been added to the system with the user id of 0 (root). His
>>>>>>>>>> first thought was that it might be a rootkit. He wanted to
>>>>>>>>>> know what he could do to verify it was a rootkit and how to
>>>>>>>>>> remove it from the system. He further asked for
>>>>>>>>>> suggestions on preventative measures to ensure this kind of
>>>>>>>>>> attack does not reoccur. That situation prompted me to write
>>>>>>>>>> this paper to an understanding of rootkits and its effects.
>>>>>>>>>> This paper will also discuss how to monitor for a rootkit, and
>>>>>>>>>> the steps that need to be taken to remove one.
>>>>>>>>>>
>>>>>>>>> I never said that a firewall wasn't necessary. Ubuntu comes
>>>>>>>>> with one built-in. I would also recommend a router hard firewall.
>>>>>>>>
>>>>>>>>
>>>>>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>>>>>> malware." -Alias
>>>>>>>>
>>>>>>>> You said "never", you were wrong.
>>>>>>>>
>>>>>>>> "Absolute truth" is for absolute fools.
>>>>>>>>
>>>>>>>>
>>>>>>>> -Michael
>>>>>>>
>>>>>>>
>>>>>>> Is there an echo in here?
>>>>>>
>>>>>>
>>>>>> Only the echoes of your foolish nonsense.
>>>>>>
>>>>>>> If one has Ubuntu that comes with a firewall
>>>>>>
>>>>>>
>>>>>> So does Vista.
>>>>>>
>>>>>>> and a router with a firewall how, pray tell, will anyone install
>>>>>>> a root kit?
>>>>>>
>>>>>>
>>>>>> You never stated that in your original reply.
>>>>>>
>>>>>> "Use Ubuntu and never worry about a virus, root kit or any other
>>>>>> malware." -Alias
>>>>>>
>>>>>> I see no mention of using additional security measures.
>>>>>>
>>>>>> Now you bring up the "ifs". If a Window user properly secures
>>>>>> their machine, they will not suffer from rootkits, either.
>>>>>>
>>>>>> Amazing that there are programs for Linux rootkit removal when
>>>>>> there are no Linux machines
>>>>>> getting infected.
>>>>>>
>>>>>> Amazing such warnings, as the below, exist if no Linux users were
>>>>>> being infected.
>>>>>>
>>>>>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html
>>>>>> Severity: HIGH Description: The Satori Linux Rootkit is a
>>>>>> collection of publicly available Trojan utilities that target
>>>>>> Linux systems. It is also known as Linux Rootkit 4 and is
>>>>>> distributed by The Crackers Layer.
>>>>>
>>>>>
>>>>> Please, at least try and stay current. Linux Rootkit IV was
>>>>> released in November 26, 1998!!!! Really had to scratch around the
>>>>> Net to find one?
>>>>>
>>>>> http://www.ossec.net/rootkits/studies/lrk5.txt
>>>>
>>>>
>>>>
>>>> My problem with Alias is that he spoke in absolute terms,
>>>> as if was impossible to for Linux to be infected by viruses,
>>>> trojans, worms, or rootkits... he was wrong.
>>>>
>>>> The fact that there haven't been many major efforts at creating
>>>> Linux worms
>>>> isn't proof that they are impossible.
>>>>
>>>> http://www.ossec.net/rootkits/
>>>>
>>>> http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
>>>>
>>>> They may not have the infamy of Code Red and Nimda, but there are
>>>> Linux viruses and worms in
>>>> the wild. Here are some of the more infamous pieces of malicious
>>>> code that have a taste for Linux:
>>>
>>>
>>>
>>> Your point is well taken (and should be by everyone), but in reading
>>> the info you provided below, one would think the world was falling in
>>> on linux. That is not exactly the case, and is not the case now.
>>>
>>>>
>>>> Slapper: The most dangerous Linux worm it's network-aware and in
>>>> August 2002 it exploited a
>>>> flaw in OpenSSL libraries in Apache servers with OpenSSL enabled.
>>>
>>>
>>> http://news.com.com/2100-1001-958758.html
>>> A Linux worm that started spreading a week ago has reached a plateau
>>> after infecting about 7,000 servers and turning the hosts into a
>>> peer-to-peer network that could be used to attack other computers.
>>> Known as Linux.Slapper.Worm, Slapper and Apache/mod_ssl, the worm's
>>> spread has fallen far short of the biggest attackers in recent times.
>>> For example, Code Red infected 400,000 servers last summer. And
>>> according to the "National Strategy to Secure Cyberspace," the Nimda
>>> virus compromised 86,000 systems last fall.
>>> Perhaps most telling, security experts are already talking about
>>> Slapper in the past tense.
>>> "I thought it was very interesting, but it didn't do terribly much,"
>>> said Roger Thompson, director of malicious code research at security
>>> services company TruSecure.
>>>
>>>>
>>>> Bliss: Also a well-known bug, it infects ELF executables, locating
>>>> binaries with write access
>>>> and overwrites those with its own code.
>>>
>>>
>>> http://en.wikipedia.org/wiki/Bliss_(virus)
>>> Bliss is a computer virus that infects GNU/Linux systems. Its source
>>> code was posted on a Usenet usergroup by its author on February 5,
>>> 1997. When executed, it attempts to attach itself to Linux executable
>>> files, to which regular users do not have access. This prevents the
>>> executables from running, so users notice it immediately. Although it
>>> was probably intended to prove that Linux can be infected, it does
>>> not propagate very effectively because of the structure of Linux's
>>> user privilege system. The Bliss virus never became widespread, and
>>> remains chiefly a research curiosity.
>>> When the Bliss virus was released, antivirus software vendors put out
>>> a number of press releases about it. The claim was that since a
>>> "Linux virus" existed, Linux users should buy antivirus software.
>>> Linux users generally do not use antivirus software, except on
>>> servers that serve files to Windows clients.
>>> It writes a neat log of all its actions to /tmp/.bliss and even has a
>>> --bliss-uninfect-files-please command line option that sometimes
>>> might come in handy, and actually does what it promises.
>>>
>>>>
>>>> Lindose: A rare cross-platform scourge, able to jump Windows PE and
>>>> Linux ELF executables. It's
>>>> a proof-of-concept worm and has not hit the wild.
>>>
>>>
>>> http://www.viruslist.com/en/viruses/encyclopedia?virusid=57567
>>> Virus.Multi.Pelf.2132
>>> Aliases
>>> Virus.Multi.Pelf.2132 (Kaspersky Lab) is also known as: Pelf.2132
>>> (Kaspersky Lab), Linux/Lindose (McAfee), W32.Peelf.2132 (Symantec),
>>> Win32/Linux.Benny.2132 (Doctor Web), Linux/Lindose (Sophos),
>>> Linux/Lindose.2132.A (RAV), ELF_LINDOSE.A (Trend Micro),
>>> W32/Winux (H+BEDV), Unix/Lindose (FRISK), Win32:Lindose (ALWIL),
>>> Win32/Lindose (Grisoft), Linux.PEELF.2132 (SOFTWIN), W32.Winux
>>> (ClamAV), ELF/Winux.2784 (Panda), Elf/Lindose.2132 (Eset)
>>> Description added Mar 28 2001
>>> Behavior Virus
>>> Technical details
>>> (aka Lindose)
>>> This is a harmless non-memory resident parasitic multipartite virus.
>>> It infects Windows executable files as well as Linux ones (Windows PE
>>> files and Linux ELF files).
>>> The virus is written in Assembler, and is about 2.5 Kb in size. It
>>> does not manifest itself in any way, and it is like a multiplatform
>>> Windows-Linux virus concept.
>>>
>>>>
>>>> Ramen: Not just a noodle, another network-aware worm jumping from
>>>> Linux server to server.
>>>
>>>
>>> http://www.ciac.org/ciac/bulletins/l-040.shtml
>>> L-040: The Ramen Worm
>>> February 2, 2001 21:00 GMT
>>> PROBLEM: A Linux worm named 'Ramen' has been detected in the
>>> wild. CIAC has had reports of compromised systems and numerous scans.
>>> PLATFORM: Redhat Linux 6.2 and 7.0
>>> DAMAGE: Ramen automatically attacks all vulnerable systems it can
>>> find. Intruders can gain root access to vulnerable systems.
>>> SOLUTION: This worm exploits known vulnerabilities in wu-ftpd,
>>> LPRng, and rpc.statd. These services should be patched immediately.
>>> Patches are available from Red Hat.
>>> VULNERABILITY
>>> ASSESSMENT: The risk is HIGH - The worm is in the wild and is
>>> being actively used to exploit vulnerable systems.
>>> CIAC, CERT, and others are receiving reports of systems compromised
>>> by the Ramen Worm. The worm is in the wild and performs fully
>>> automated breakins to vulnerable systems. As it is fully automated,
>>> it continues to attack systems until all running copies are found and
>>> stopped. Rebooting systems does not stop the worm as it installs code
>>> to automatically restart itself after a reboot.
>>> The binaries contained in the worm are specific to Linux 6.2 and 7.0.
>>> However, someone with access to the source code for the binaries
>>> could recompile them under other versions of UNIX to attack other
>>> platforms. As far as we know, the source code for the binaries is not
>>> yet in the wild.
>>>
>>>>
>>>> Staog: Considered the first Linux virus, it infects ELF executables.
>>>
>>>
>>> http://en.wikipedia.org/wiki/Staog
>>> Staog was the first computer virus written for the Linux operating
>>> system. It was discovered in the fall of 1996, and the
>>> vulnerabilities that it exploited were shored up soon after. It has
>>> not been detected in the wild since its initial outbreak.
>>> Staog was able to infect Linux despite its security-oriented design
>>> which requires users and programs to login as root before any drastic
>>> operations can be taken. It worked by exploiting some kernel
>>> vulnerabilities to stay resident. Then, it would infect executed
>>> binaries.
>>> Since it relied on fundamental bugs, software upgrades made systems
>>> immune to Staog. This, combined with its shot in the dark method of
>>> transmitting itself, ensured that it died off rather quickly.
>>>
>>>>
>>>> Typot: A Linux Trojan that does distributed port scanning,
>>>> generating TCP packets
>>>> with a window size of 55808.
>>>
>>>
>>> http://www.symantec.com/security_response/writeup.jsp?docid=2003-062018-4739-99
>>>
>>> Trojan.Linux.Typot
>>> Risk Level 1: Very Low
>>> Discovered: June 20, 2003
>>> Updated: February 13, 2007 12:02:46 PM
>>> Also Known As: 55808, Stumbler
>>> Type: Trojan Horse
>>> Systems Affected: Linux
>>> Trojan.Linux.Typot is a Trojan Horse that affects Linux systems. It
>>> generates TCP packets with a window size of 55,808.
>>> Protection
>>> * Initial Rapid Release version June 23, 2003
>>> * Latest Rapid Release version June 23, 2003
>>> * Initial Daily Certified version June 23, 2003
>>> * Latest Daily Certified version June 23, 2003
>>> * Initial Weekly Certified release date June 25, 2003
>>> Click here for a more detailed description of Rapid Release and Daily
>>> Certified virus definitions.
>>> Threat Assessment
>>> Wild
>>> * Wild Level: Low
>>> * Number of Infections: 0 - 49
>>> * Number of Sites: 0 - 2
>>> * Geographical Distribution: Low
>>> * Threat Containment: Easy
>>> * Removal: Easy
>>> Damage
>>> * Damage Level: Low
>>> Distribution
>>> * Distribution Level: Low
>>>
>>>> -------------------------
>>>> http://www.linuxquestions.org/questions/showthread.php?t=399624
>>>>
>>>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>>>
>>>>
>>>> http://secunia.com/search/?adv_sear...ftware_os=1&critical[]=0&impact[]=0&where[]=0
>>>>
>>>
>>>
>>>
>>>
>> Well, so much for that lying bs story from alias about linux boxes
>> never being infected.
>> But we all knew that was not true anyway.
>> Thanks norm!
>> Frank
>
>
> No proof has been offered here, only possibilities. Fact is you're much
> safer with a Linux box than a Windows box hands down.
>
> Alias


We all now know that you're an ignorant, lying, bigot POS.
Shall we also add "blind" to that list of character flaws as a disabilitie?
Or should we just count it as a reading comprehension problem compounded
by your sheer stupidity?
One things for sure, you really are a side show freak!
Frank

 

[Fyvush Finkel]

Incredible - Just FYI

Another IDIOT and his preaching about Windows Server Beta. Must get a
WOODIE each time he talks about it

Just FYI


"Kevin John Panzke" <kevpan815@hotmail.com> wrote in message
news:ey$H93xvHHA.5008@TK2MSFTNGP05.phx.gbl...
> Try Out Windows Server 2008 Beta 3 Public Beta, And You Will Like
> Microsoft A Whole Lot Better.
>
> "DanielN" <DanielN@discussions.microsoft.com> wrote in message
> news:1C18C11F-015D-40FC-86B6-3C2AF1A575A2@microsoft.com...
>> Hi People,
>>
>> I have been a computer engineer for around 7 years professionally with
>> around 7 years prior to that self teaching myself all I could about
>> Windows.
>> I am now MCP qualified and hopefully will soon be MCSA/MCSE/MCDBA/CCNA
>> qualified as well.
>>
>> I have used Vista only a couple of times although getting a very bad
>> feeling
>> about it having read many bad things and experiencing some worrying
>> things
>> like it takes more time for vista to spawn and animate the copying file
>> dialog then it does for say windows xp to even have copied the file
>> already.
>> this is only minor though.
>>
>> Today one of my customers who has a vista machine (I dont) got in touch
>> saying windows was bringing up an error saying that:
>>
>> 'Windows explorer has stopped working' and then 'Windows explorer is
>> restarting.'
>>
>> Now I know there is a virus/spyware/adware on it. cause i can see an icon
>> for counterfit antispyware.
>>
>> the problem is even if I go into safemode to clean it (remove program and
>> run scans of various kinds) which would have worked pretty much most of
>> the
>> time in previous versions of windows doesnt work cause you have the same
>> problem.
>>
>> i am getting the feeling MS have screwed up with Vista like they did with
>> Windows ME.
>>
>>
>> I am shocked that years down the line after ME and I am sure MS knew what
>> the score was with ME. They have managed to do it again. They should have
>> stuck with XP - perhaps brought out some addons/updates if they really
>> thought people were desperate for new stuff, and put in some serious work
>> into Vienna. I have heard that there were so many problems with Vista
>> they
>> enlisted the help of the Vienna development team to help fix stuff.
>> Obviously
>> there was to much to fix.
>>
>> Now I have had my little rant. Maybe MS will sort this.
>>
>> My advice demand Win XP Pro on new machines. Do not be told that u must
>> have
>> Vista cause it is the best around.
>>
>> Dan
>>
>> Ps. I have also had a customer have a problem authenticating with a WPA
>> encrypted wireless network as well. Which turned out to be an
>> incompatibility
>> between the wireless card and Vista even though the wireless card was
>> built
>> into the laptop and it had a logo saying it was certified for Vista, and
>> this
>> was a big OEM's laptop. So what hope is there!
>

 

[MICHAEL]

* norm:
> MICHAEL wrote:
>> * Mr. Happy:
>>> MICHAEL wrote:
>>>
>>>> * Alias:
>>>>> MICHAEL wrote:
>>>>>> * Alias:
>>>>>>> MICHAEL wrote:
>>>>>>>> * Alias:
>>>>>>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any
>>>>>>>>> other malware. http://www.ubuntu.com/
>>>>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux RootKits For
>>>>>>>> Beginners - From Prevention to Removal
>>>>>>>>
>>>>>>>> One day while reading a mail list for the Linux Users Group in my hometown I
>>>>>>>> discovered a call for help. It was a posting from a novice Linux user with a
>>>>>>>> disturbing issue. While doing some routine checks on a Linux system, he found a
>>>>>>>> user that had been added to the system with the user id of 0 (root). His first
>>>>>>>> thought was that it might be a rootkit. He wanted to know what he could do to
>>>>>>>> verify it was a rootkit and how to remove it from the system. He further asked for
>>>>>>>> suggestions on preventative measures to ensure this kind of attack does not
>>>>>>>> reoccur. That situation prompted me to write this paper to an understanding of
>>>>>>>> rootkits and its effects. This paper will also discuss how to monitor for a
>>>>>>>> rootkit, and the steps that need to be taken to remove one.
>>>>>>>>
>>>>>>> I never said that a firewall wasn't necessary. Ubuntu comes with one built-in. I
>>>>>>> would also recommend a router hard firewall.
>>>>>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>>>>>
>>>>>> You said "never", you were wrong.
>>>>>>
>>>>>> "Absolute truth" is for absolute fools.
>>>>>>
>>>>>>
>>>>>> -Michael
>>>>> Is there an echo in here?
>>>> Only the echoes of your foolish nonsense.
>>>>
>>>>> If one has Ubuntu that comes with a firewall
>>>> So does Vista.
>>>>
>>>>> and a router with a firewall how, pray tell, will anyone install a root kit?
>>>> You never stated that in your original reply.
>>>>
>>>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias
>>>>
>>>> I see no mention of using additional security measures.
>>>>
>>>> Now you bring up the "ifs". If a Window user properly secures their machine, they will
>>>> not suffer from rootkits, either.
>>>>
>>>> Amazing that there are programs for Linux rootkit removal when there are no Linux machines
>>>> getting infected.
>>>>
>>>> Amazing such warnings, as the below, exist if no Linux users were being infected.
>>>>
>>>> http://www.juniper.net/security/auto/vulnerabilities/vuln734.html Severity: HIGH
>>>> Description: The Satori Linux Rootkit is a collection of publicly available Trojan
>>>> utilities that target Linux systems. It is also known as Linux Rootkit 4 and is
>>>> distributed by The Crackers Layer.
>>> Please, at least try and stay current. Linux Rootkit IV was released in November 26,
>>> 1998!!!! Really had to scratch around the Net to find one?
>>>
>>> http://www.ossec.net/rootkits/studies/lrk5.txt
>> My problem with Alias is that he spoke in absolute terms,
>> as if was impossible to for Linux to be infected by viruses,
>> trojans, worms, or rootkits... he was wrong.
>>
>> The fact that there haven't been many major efforts at creating Linux worms
>> isn't proof that they are impossible.
>>
>> http://www.ossec.net/rootkits/
>>
>> http://searchenterpriselinux.techtarget.com/qna/0,289202,sid39_gci954631,00.html
>> They may not have the infamy of Code Red and Nimda, but there are Linux viruses and worms in
>> the wild. Here are some of the more infamous pieces of malicious code that have a taste for Linux:
>
> Your point is well taken (and should be by everyone), but in reading the
> info you provided below, one would think the world was falling in on
> linux. That is not exactly the case, and is not the case now.

Norm,

My intention was not to to claim Linux is worse than Windows,
or that the sky is falling on the penguins. The dolt was wrong,
and he needed to know.


-Michael