Antivirus for (mailservers on) FreeBSD
Paul Chvostek
paul+fbsd at it.ca
Thu Jun 12 13:19:52 PDT 2003
On Thu, Jun 12, 2003 at 03:58:59PM -0400, Bill Moran wrote:
>
> p.s. I abhor the term "virus" as I haven't seen one in years. The horrible
> technical elegance of a true virus doesn't exist in the abilities of modern
> malware developers. Worms and trojans are the best they can do. And worms
> are often too difficult.
That's not entirely true. A virus spreads itself by infecting through a
medium. The classic "Stoned" virus prepended itself to executables and
once run, sat in memory waiting for filesystem calls to tell it where to
find new executables or floppy MBRs to infect.
The modern worm does pretty much the same thing, only its medium of
infection is the email system rather than a filesystem. A virus is an
infection of the software. A worm is a category of virus which ALSO
infects the wetware. (And MLM schemes are purely a wetware infection.)
Is an email worm that has additional functionality to spread itself over
SMB network shares to writable executables still merely a worm? Would
you catagorize it as one, or the other, or both?
It's just symantecs. Er, semantics. ;)
--
Paul Chvostek <paul at it.ca>
Operations / Abuse / Whatever
it.canada, hosting and development http://www.it.ca/
More information about the freebsd-chat
mailing list