Stop Microsoft
Welcome,
Guest
. Please
login
or
register
.
Have you missed your
activation email
?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length.
News:
Home
Help
Login
Register
Stop Microsoft
»
Operating Systems
»
Linux and UNIX
»
Unix.Penguin
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Unix.Penguin (Read 2107 times)
fuckoffmicrosoft
Member
Posts: 73
Kudos: 0
Unix.Penguin
«
on:
28 September 2002, 05:23 »
LMFAO that server wasnt up 3 hours before i foubd this on my wifes pc and i figure that the only i couldve gotten it was by the distro ftp site i downloaded from
http://securityresponse.symantec.com/avcenter/venc/data/unix.penguin.html
is there a way to further prevent this from happenig?
Logged
fuckoffmicrosoft
Member
Posts: 73
Kudos: 0
Unix.Penguin
«
Reply #1 on:
28 September 2002, 05:25 »
found the culprit "The compressed file WRITING-PURECFG within C:\Documents and Settings\lee\Desktop\redhat\kcmpureftpd-0.6.tar within C:\Documents and Settings\lee\Desktop\redhat\kcmpureftpd-0.6.tar.gz is infected with the Unix.Penguin virus."
[ September 27, 2002: Message edited by: fuckoffmicrosoft ]
[ September 27, 2002: Message edited by: fuckoffmicrosoft ]
Logged
voidmain
VIP
Member
Posts: 5,605
Kudos: 184
Unix.Penguin
«
Reply #2 on:
28 September 2002, 06:19 »
Maybe if you wouldn't run Windows you wouldn't have to worry about these things.
Logged
Someone please remove this account. Thanks...
Master of Reality
VIP
Member
Posts: 4,249
Kudos: 177
Unix.Penguin
«
Reply #3 on:
28 September 2002, 07:27 »
Thtas all i have to do from stop the daily re-isntallation of windows?!!! Why didnt anyone tell me this sooner. And to think of all those viru and hardrive image saving. The answer all along was to simply get rid of windows!!!!!.
Logged
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'
lazygamer
Member
Posts: 1,146
Kudos: 0
Unix.Penguin
«
Reply #4 on:
28 September 2002, 07:58 »
Now that's what I call a pathetic virus. The author is so sure of his inability to do REAL damage in Linux that he has to hope someone mails out the root password? Now that's what I call secure!
Logged
For every hot Lesbian you see in a porno video, there is a fat, butch-like, or just downright ugly lesbian beeyotch marching in a gay pride parade, or bitching about same sex marriages. -Lazygamer on homosexuality
Master of Reality
VIP
Member
Posts: 4,249
Kudos: 177
Unix.Penguin
«
Reply #5 on:
28 September 2002, 08:01 »
of course, there is no way to do damage with a virus. Luckily most recent distros use shadowed passwords so mailing out /etc/passwd wont really gain them anything.
Logged
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'
Bazoukas
Member
Posts: 866
Kudos: 140
Unix.Penguin
«
Reply #6 on:
28 September 2002, 13:28 »
Who the hell will send out their root password?
That script kiddie must have been smoking some realy cheap ass weed.
Logged
Yeah
Master of Reality
VIP
Member
Posts: 4,249
Kudos: 177
Unix.Penguin
«
Reply #7 on:
28 September 2002, 17:58 »
its a fucking trojan. Someone runs a script that happens to have a line that will mail /etc/passwd to the script kiddie. The fucking owner of the computer has no idea that the script he just ran sent out his root passowrd (unless he is smart and checks logs).
Logged
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'
voidmain
VIP
Member
Posts: 5,605
Kudos: 184
Unix.Penguin
«
Reply #8 on:
28 September 2002, 20:48 »
The owner of this computer (me) would never run a script sent to him in an email. Surely without first looking at the code. You gotta be some kinda stupid to fall for something like this.
Logged
Someone please remove this account. Thanks...
voidmain
VIP
Member
Posts: 5,605
Kudos: 184
Unix.Penguin
«
Reply #9 on:
29 September 2002, 02:21 »
Yeah, who (besides a Lindows user) would read their email as root, not that a script can be automatically executed anyway. You need root access to view /etc/shadow which is where the encrypted passwords reside.
Logged
Someone please remove this account. Thanks...
Master of Reality
VIP
Member
Posts: 4,249
Kudos: 177
Unix.Penguin
«
Reply #10 on:
29 September 2002, 06:35 »
it would only work if it were an older distro that didnt have shadowed passowrds then? (just like i mentioned in my previous post).
It would be a script that is on a site that looks legitimate and is supposed to (and does) something useful like an administration script but also sends out your /etc/passwd but most people wouldnt run a script they thought to be legitamite anyway without looking at the code first.
Logged
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'
voidmain
VIP
Member
Posts: 5,605
Kudos: 184
Unix.Penguin
«
Reply #11 on:
29 September 2002, 07:46 »
Linux has been using shadowed passwords for years. I missed your previous post that mentioned it. Sorry bout that!
Logged
Someone please remove this account. Thanks...
Print
Pages: [
1
]
Go Up
« previous
next »
Stop Microsoft
»
Operating Systems
»
Linux and UNIX
»
Unix.Penguin
Jump to:
=> Linux and UNIX