On Friday 22 Oct 2004 7:27 am, Russell W. Behne wrote: > In that case, Mikkel, it's not a virus, what you're describing is a > trojan horse program.
Agreed. But 99% of mal-ware these days are not real viruses either. They are called viruses by the unknowing because they don't know the difference, and by the knowing as a shorthand. IMHO, the Linux defence that a virus can only infect a single user's account is anachronistic. A trojan only needs user privileges to become a spam proxy. Consider a Linux user who uses P2P or bittorrent applications. Their firewall will have open ports that user-level programs can listen on. A Trojan could install itself on one of those ports to receive commands and use a self-contained mailing program to send spam. While installed in user-space it would allow hacker access to attempt vulnerability probing, but even without that it is still useful to the black-hats. We cannot become complacent. Every element of security is important. The TheRegister link posted by Derek Jennings is very interesting and useful. -- Richard Urwin
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
