Three, actions speak louder than words in fact as early as 1988, UNIX platforms have released the first large-scale worms, but just as the Unix system I, still not known.
With the Klez virus infection on the Linux platform, the people began to realize that the original Unix and Linux security problems also exist. Next virus more, such as: Lion.worm, OSF.8759, Slapper, Scalper, Linux.Svat and BoxPoison etc. A Austria, even wrote a book on how to write on the Linux platform ELF virus Guide, but even so, many viruses or will not be familiar. So far been viruses across Unix/Linux is already very much, Unix: FreeBSD, HP/UX, IBMAIX, SCOUnixware, SCOOpenServer, SunSolaris and SunOS, Linux: SuSELinux, MandrakeLinux, RedHatLinux, DebianGNULinux, SlackwareLinux. WINE is an open source compatible software package that allows UNIX platforms running Windows applications. Although this seems to be a good choice, however, the use of WINE of Unix/Linux systems are particularly vulnerable to virus attacks. Because they make both on UNIX or on Windows viruses, worms and Trojans are a threat to the system. In fact, whether they are Unix/Linux or Windows, viruses and Trojans works are very similar, we can simply understood as the virus without your consent and infection and destruction of other programs, worms is as a bypass your consent of self-replicating code block, although some system Bug will also copy the behavior exists, but its unconscious behavior and virus, worm, Trojan horse of conscious active behavior or differentiated. On UNIX systems, a first name masquerading as tar or DF Trojans, or even remove the entire file system, this is terrible. IV. instance as evidence in order to further understanding on UNIX/Linux environment, the virus works and processes, it is a combination of viruses instance. On UNIX/Linux system using Apache as the WEB Server user is relatively much, but it is against their attacks linux.slapperworm.slapper, this worm through the HTTP protocol on port 80 to the WEB to issue GET requests to get the version of Apache, it once found easily attack version, it will connect to the server's port 443, the use of a buffer overflow vulnerability to adopt suitable worm package replaces the corresponding files in the server. Replace is successful, the worm uses a local compiler (such as GCC) compile itself, will be compiled binary result start from/tmp directory, listen to UDP port to accept more long-term distributed denial of service (DDoS) attacks. Finally, the DDoS attacks make TCP flood the system crashes. Some of the Slapper virus variant also scans the entire class b network looking for easy to attack the Apache server. Another typical example, LinuxLionworm worms. By obtaining access to the system, the virus hackers can use the remote system for DDoS attacks, theft of credit card numbers, or steal and destroy confidential files, records. Closing to make your Unix/Linux system more secure, choose a suitable anti-virus product is necessary to consider the issue, a number of Unix/Linux is designed to install on your firewall, or deployed in messaging and groupware server. In Unix/Linux server network, protecting the server's security has become particularly important that still require manufacturers and the majority of programmers for their tireless efforts!
No comments:
Post a Comment