[SATLUG] Scarry stuff...How to write a linux virus in 5 easy steps

James Tiner jtiner at satx.rr.com
Thu Feb 19 14:19:18 CST 2009


I used to be a drake/driva parter for the longest time. it was my fave
distro until the shakeup in leadership. I switched to kubuntu.

on *buntu, the first user is added as a sudoer automatically and you
usually use sudo to do admin stuff. If it makes you feel at home, you
can do 'sudo su -' and then passwd to set the root password and then
remove your username from sudo using visudo. there are some pretty good
reasons to use sudo such as allowing specific commands for specific
users and additional logging for those commands. some consider it more
secure. just a thought



On Thu, 2009-02-19 at 12:02 -0600, John D Choate wrote:
> On Thursday 19 February 2009 11:33:08 James Tiner wrote:
> >  responsibility and accountability
> > away from the user? These trojans are not using an open hole in the code
> > to get through, they are using social engineering to get through. Of
> > course, this is a hypothetical and not 'in the wild' thing so I don't
> > think that it is a big problem now, but the old saying is if it is not
> > expected and not from someone you know, then delete it. That truly fixes
> > this problem. Practice safe computing. 
> 
> Yes, that whole article didn't really bring up anything new. I'm surprised that the author even took the time to write such a long-winded 'paper'.
> 
> On a related note... I recently installed Ubuntu (I.I.) on a couple of machines and found something really quirky.
> Being a 'drake/'driva user, I am accustomed to assigning a root password as well as the user account(s) and their password(s) during installation.
> During the Ubuntu installation, I was only asked for a single password for the primary user, and none to be defined for root. Then the single user password is used not only for logging in the user, but for system administration and software installation, etc. as well.
> What the hell? That seems pretty screwed up to me. That gives rise to the possibility that ubuntu would be easier to exploit than other linux systems, with only the user password to be compromised.
> 
> 
> John C.
> 
> 
> p.s. Scarry stuff indeed...
> 
> Scar´ry
> a. 1.	Bearing scars or marks of wounds.
>     1.	Like a scar, or rocky eminence; containing scars.
> 
> Webster's Revised Unabridged Dictionary, published 1913 by C. & G. Merriam Co.



More information about the SATLUG mailing list