New worm targets Linux systems

A new worm that propagates by exploiting security vulnerabilities in Web server software is attacking Linux systems, antivirus companies warned on Monday.

The worm spreads by exploiting Web servers that host susceptible scripts at specific locations, according to antivirus software maker McAfee, which has named the worm "Lupper."

Lupper blindly attacks Web servers, installing and executing a copy of the worm when a vulnerable server is found, McAfee said in its description of the worm.

A backdoor is installed on infected servers, giving the attacker remote control over the system. The server joins a network of compromised systems, which can be used, for example, in attacks against other computers, according to McAfee.>>>>

http://news.com.com/New+worm+targets+Linux+systems/2100-7349_3-5938475.html?part=rss&tag=5938475&subj=news

Say it isn't so. :cry: The vaunted Linux, hacked?

Jay

Which I don't

Any linux users with an opinion on this?

person, but we have some Unix servers where I work. During the Code Red outbreak a few of them servers became infected. Now this isn't an infection that would cause any harm, as the virus is/was not written for that OS and was therefore inert. But it was there. We ended up purchasing Sophos AV for our Unix boxes. Don't let anyone fool you though, Virus's for Linux/Unix/OSX have been written and released to the wild. No OS is 100% safe and as linux gains market share we will see more of them.

Jay

As you say, no OS is 100% safe. That statement should be etched into the brain of every current and potential computer user in existence.

I'll note however that one of the advantages of Unix-ish systems is the true multi-user environment that prevents code requiring administrator level privileges from doing damage. Aside from lower market share, this is another major reason viruses for Linux are less common. A truly damaging virus on Linux, for example, requires a greater level of complexity and thus more talent on the part of the person writing the code to make it do anything.

Linux/Unix. There's just no good way, with Windows, to stop people who aren't supposed to be admins from mucking up your PC. Vista is supposed to be going for the same model, so we'll see.

Jay

I've read different accounts about how this will be done, some of which seem pretty good, others not so much. It is going to require a fundamental change in the way the OS is designed, and I wasn't initially aware MS was even considering that. If they do it well, it's going to create some compatibility problems with software not written for Vista.

But as you said, we'll see.

My opinion is to take this warning fairly literally. "The worm spreads by exploiting Web servers that host susceptible scripts at specific locations. . ."

If you run Linux and run a web server and have the "susceptible scripts" you should seek immediately to acquire the patches that have been available since February for one of the vulnerable scripts and to avoid using one of the others that hasn't been patched to eliminate the risk. If you do not run a web server, then this worm will not affect your system directly.

I run Linux, but I do not have a Web server installed. Most home users of Linux do not have Web servers installed. Well, technically, I have one installed because it is a default part of my distro, but it is not running, has never run, and likely never will. However, it's already patched against this worm. (I just checked.) A casual computer user has little use for web server

Anyway, this is mostly a problem from web hosts who use Unix-ish systems for web servers and don't bother with security updates. No system administrator worth the title fails to do that.