A few simple questions(...if you don't mind)

Erik Trulsson ertr1013 at student.uu.se
Tue Jul 6 03:37:02 PDT 2004


On Tue, Jul 06, 2004 at 10:43:03AM +0100, Matthew Seaman wrote:
> On Tue, Jul 06, 2004 at 12:08:17AM +0300, Giorgos Keramidas wrote:
>  
> > Remember, this is not Windows, where everything is free and you have to
> > share your personal data with the world :P
> 
> ITYM "nothing is free, except other people's access to your data."
>  
> > In short, I've heard of no viruses that affect BSDs during the last 7-8
> > years that I'm using a BSD Unix at home and work.
> 
> The only malware that ever achieved any sort of world prominence was
> the Scalper worm, which exploited the "chunked transfer encoding"
> vulnerability in versions of Apache earlier than 1.3.24 or 2.0.36 on
> i386 FreeBSD:
> 
>     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE+CAN-2002-0392
> 
>     http://securityresponse.symantec.com/avcenter/venc/data/freebsd.scalper.worm.html
> 
> As I remember there were only a few hundred infections, and an Apache
> patch was available within hours.  Hardly the sort of Internet
> destroying scale we've become accustomed to with all those Windows
> worms recently.

If you go back a bit further in time there was the Great Worm of 1988,
which targeted VAX and Sun3 systems running BSD code, and which
actually did bring down most of the Internet at the time.  That was the
incident that got people in the Unix community to start thinking seriously
about security.

As for actual viruses, they are very rare in the Unix world.  I have
heard of one or two proof-of-concept viruses created for Linux, but I
don't think any have ever been found in the wild.

Trojan horses of course exist (as they do on all systems), but in a
world where lots of people compile from source instead of downloading
binaries this kind of code is much harder to hide, and thus less
popular.


One advantage the Unix world enjoys is that people are running so many
different versions of programs, and many different programs even, on
different kinds of hardware, that it becomes very difficult for any
kind of malware (which almost always contains some system-dependent
binary code) to affect more than a relatively small fraction of the
systems out there, which prevents the rapid infection and spreading
that Windows-based worms tend to have.



-- 
<Insert your favourite quote here.>
Erik Trulsson
ertr1013 at student.uu.se


More information about the freebsd-questions mailing list