> Is this any danger to Ubuntu?

There's a reason you don't generally need to install a virus checker
on a linux distrib - welcome to the world of (virtually) hack-proof
computing :-)

Be sure to worry about all your Windows enabled machines though :-p

"Colin Wilson" wrote
in message news:MPG.236efe22536908a5989a30@news.motzarella.or g...
>> Is this any danger to Ubuntu?
>
> There's a reason you don't generally need to install a virus checker
> on a linux distrib -

Yeah---no one friggen uses it.
Welcome to the world of Latin.
Dead.
Dead.
Dead.
Technology in stagnation is what linux stands for.
Want an office programs that works...wait 10 years.
Then say...where'd they go ?
Absorbed by someone new?
What do they specialize in ?
Tee-shirts and coffee mugs ?
Yuck!

--
Ens causa sui
Fit caedes omnibus locis

On Sun, 26 Oct 2008 14:50:50 -0600, Ray wrote:

> Is this any danger to Ubuntu?
> Thanks

No danger at all. Gimmiv.A is a Windows-only trojan.
http://www.sophos.com/security/analy...s-and-spyware/
trojgimmiva.html

Ray wrote:

> Is this any danger to Ubuntu?

No. It's Windows-specific, and this exploit is only possible because of
stupid design decisions taken in the early days of the Windows NT kernel.
This particular vulnerability was pointed out to MS back in 2002, but ignored
until it was abused (for at least 2 years) "in the wild". It's more
difficult to exploit in Vista, but the average user will just "click-through"
the dialogue boxes that are generated by the bogus "security" features.

> Thanks

You're welcome. You'll discover that all the malware "out there" is entirely
Windows-specific.

C.

Bill Baka wrote:

> I do wonder if any of those sites could have a zero-day
> virus and not know it. I have heard of the "Drive by" infections and
> wonder if they could somehow kill FF when I am in there.

Only in Windows. It's a bit like the old joke about the "Canadian Virus" that
says "I'm a Canadian Virus. Will you /please/ delete a few random files for
me?". In Linux, Unix or BSD, you have to have /administrative/ access to
change things (apart from your /own/ files), so malware is simply not going
to happen.

C.

Christopher Hunter wrote:
> Bill Baka wrote:
>
>> I do wonder if any of those sites could have a zero-day
>> virus and not know it. I have heard of the "Drive by" infections and
>> wonder if they could somehow kill FF when I am in there.
>
> Only in Windows. It's a bit like the old joke about the "Canadian Virus" that
> says "I'm a Canadian Virus. Will you /please/ delete a few random files for
> me?". In Linux, Unix or BSD, you have to have /administrative/ access to
> change things (apart from your /own/ files), so malware is simply not going
> to happen.
>
> C.
>
I'm finding that to be very true in Ubuntu Hardy. Even though I log in
with administrator by default since nobody else uses my computer Hardy
still asks me for my password when I do anything to the system. Since it
has that level of security I am feeling secure in Hardy and really want
the release in 3 days of Intrepid.
On a side note I found that FireFox comes up in about 4 seconds as
compared to windows "Don't bother me now." 30 plus seconds.
Bill Baka

Christopher Hunter wrote:

> Günther Schwarz wrote:
>
>> Christopher Hunter wrote:
>>
>>> You'll discover that all the malware "out there" is entirely
>>> Windows-specific.
>>
>> I take it that you do not run a web server?
>
> Yes I do Many servers.
>
>> Otherwise you might know that the most threatening things out there
>> are targeted towards Posix machines.
>
> Nonsense. *All* malware is targeted to /Windows/ machines. I never
> "run" Windows, so it's not a problem.

Good luck with that attitude. SQL injection and PHP exploits will work
as nicely on your servers as on ones running a different OS. The final
target might be the Windows system of visitors of your sites, but the
distribution via compromised web sites is not bound to that specific
OS.

Günther

>> Is this any danger to Ubuntu?
>
> There's a reason you don't generally need to install a virus checker on
> a linux distrib - welcome to the world of (virtually) hack-proof
> computing :-)
>
> Be sure to worry about all your Windows enabled machines though :-p

Which raises a question. I use the Wubi install on a WinXP system. Do I
need to boot to Windows every so often, update my virus protection, and
scan my machine?

Günther Schwarz wrote:

> Good luck with that attitude. SQL injection and PHP exploits will work
> as nicely on your servers as on ones running a different OS.

It's simply /not/ an issue. I have yet to see a SQL injection exploit
that /actually/ /works/ - there are plenty of scare stories from the
anti-virus snake-oil salesmen, but no *real* ones "in the wild".

> The final target might be the Windows system of visitors of your sites,
> but the distribution via compromised web sites is not bound to that
> specific OS.

All the commercial sites we host have specific warnings and disclaimers to the
effect that Windows users are at risk, and as such the use of Windows is
discouraged. Some of the /web/ /applications/ we run refuse actively
connections from Windows machines (some Windows idiots sometimes try to spoof
their user agent strings, but they never succeed).

The more we explain to clients that Windows is just a poor, proprietary client
for a Unix world, the more Linux installations we do. Many major
corporations are moving away from Windows, and enjoying the benefits of
increased stability, security and reduced licencing costs.

C.

Günther Schwarz wrote:

> Good luck with that attitude. SQL injection and PHP exploits will work
> as nicely on your servers as on ones running a different OS. The final
> target might be the Windows system of visitors of your sites, but the
> distribution via compromised web sites is not bound to that specific
> OS.

Are we now comparing apples and oranges? Is it reasonable to assume that
the OP's question related to a desktop linux machine? If so why are we now
discussing web servers? A desktop machine may or may not be running a web
server, though not is more likely, and it is reasonably unlikely that it
will be accessable from the internet if it does.

I just feel that this thread can be read such that there is an implicit
argument (probally not intended) that linux machines must be vulnerable to
SQL injection (as webservers) compared to windows machines that are not
vulnerable (as desktops). This of course is not a fair comparison for
several reasons.

Pete

--
http://www.petezilla.co.uk

Christopher Hunter wrote:
> Günther Schwarz wrote:
>
>> Good luck with that attitude. SQL injection and PHP exploits will work
>> as nicely on your servers as on ones running a different OS.
>
> It's simply /not/ an issue. I have yet to see a SQL injection exploit
> that /actually/ /works/ - there are plenty of scare stories from the
> anti-virus snake-oil salesmen, but no *real* ones "in the wild".

The issue is *not* whether there is or is not a real, current, actual
threat, but the question is whether there exists the possibility of an
exploit even on Linux and whether Linux users should be vigilant.
And, IMHO the answer is "no, there is no real, current, actual threat
and Linux is designed such that a serious infection is highly unlikely
but Linux users should be vigilant nonetheless".

Josef
--
These are my personal views and not those of Fujitsu Siemens Computers!
Josef Möllers (Pinguinpfleger bei FSC)
If failure had no penalty success would not be a prize (T. Pratchett)
Company Details: http://www.fujitsu-siemens.com/imprint.html

"Jeffrey Needle" wrote in message
news:1vNNk.3696$W06.1125@flpi148.ffdc.sbc.com...
>>> Is this any danger to Ubuntu?
>>
>> There's a reason you don't generally need to install a virus checker on
>> a linux distrib - welcome to the world of (virtually) hack-proof
>> computing :-)
>>
>> Be sure to worry about all your Windows enabled machines though :-p
>
> Which raises a question. I use the Wubi install on a WinXP system. Do I
> need to boot to Windows every so often, update my virus protection, and
> scan my machine?

Just make sure you don't mount your windows volumes RW and they can't be
infected unless its a linux virus that knows how to remount the volumes.

> > Be sure to worry about all your Windows enabled machines though :-p
> Which raises a question. I use the Wubi install on a WinXP system. Do I
> need to boot to Windows every so often, update my virus protection, and
> scan my machine?

Only for the windows files.

> "Jeffrey Needle" wrote in message
> news:1vNNk.3696$W06.1125@flpi148.ffdc.sbc.com...
>>>> Is this any danger to Ubuntu?
>>>
>>> There's a reason you don't generally need to install a virus checker
>>> on a linux distrib - welcome to the world of (virtually) hack-proof
>>> computing :-)
>>>
>>> Be sure to worry about all your Windows enabled machines though :-p
>>
>> Which raises a question. I use the Wubi install on a WinXP system. Do
>> I need to boot to Windows every so often, update my virus protection,
>> and scan my machine?
>
> Just make sure you don't mount your windows volumes RW and they can't be
> infected unless its a linux virus that knows how to remount the volumes.

Shall do -- thanks!

>> > Be sure to worry about all your Windows enabled machines though :-p
>> Which raises a question. I use the Wubi install on a WinXP system. Do
>> I need to boot to Windows every so often, update my virus protection,
>> and scan my machine?
>
> Only for the windows files.

Thanks.

Peter Chant wrote:

> Günther Schwarz wrote:
>
>> Good luck with that attitude. SQL injection and PHP exploits will
>> work as nicely on your servers as on ones running a different OS. The
>> final target might be the Windows system of visitors of your sites,
>> but the distribution via compromised web sites is not bound to that
>> specific OS.
>
> Are we now comparing apples and oranges? Is it reasonable to assume
> that
> the OP's question related to a desktop linux machine? If so why are
> we now
> discussing web servers?

Well, I replied to the strong statement that everything out there is
only targeted on Windows installations. That is IMHO a dangerous and
lightheaded statement. Linux, though it does not suffer from some basic
design flaws and silly stuff like autorun.exe as Windows, is not secure
by design. If one wants a secure OS it has to be redone from scratch.
And then this will be very much different both in hardware in software
to what is known today as the Personal Computer as a Universal Machine
used for managing the bank account, connecting to the employers
network, digging the spam folders, and watching porn at the very same
time.

> I just feel that this thread can be read such that there is an
> implicit argument (probally not intended) that linux machines must be
> vulnerable to SQL injection (as webservers) compared to windows
> machines that are not
> vulnerable (as desktops). This of course is not a fair comparison for
> several reasons.

Yes, of course. This thread is messed up anyways, so I will stop here.

Günther