On Mon, 27 Jan 2003, technomage wrote: > -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > On Monday 27 January 2003 01:29 pm, you wrote: > > ... > > > I regret to inform you that this statement is > > > false. there are, in fact 12 virii and 37 > > > variants therein for various distributions of > > > linux. I should know, I have had to troubleshoot a > > > few linux boxes that did, in fact, have virus > > > infections. > > ... > ... I base all my information on the > CERT databases. I assume that you are using the terms "virii" and "infection" very loosely here: searching on http://www.cert.org/ for linux virii produces nothing, and even if you widen the search for other vulnerabilities, you can't come up with any quotable numbers like the above, but that would not be surprising to anyone who reads CERT advisories on a regular basis, as I do. CERT is far too savvy to make such an obvious mistake, considering how such mostly meaningless numbers would be misinterpreted or misunderstood in the press, and by the less knowledgeable. So why did you publish such? Never mind -- that's a rhetorical question, and yes, I know that you were probably not actually saying you were paraphrasing CERT, or anything like that, but you must admit that "IS" the impression.... So I am guessing that those boxes you are referring to had been rooted, probably by some script kiddie, via, perhaps, a buffer overflow, and you were forced to re-install the system, the way CERT recommends in their tutorials for such situations? What would have prevented the break-in, do you think? Most likely by installing updates, the way CERT has repeatedly warned, and as I have recommended previously? Or some of the other measures CERT and others advise, such as not running unneeded server daemons? Practical advice for the newbie is what is needed here -- but others have covered that ground already now. LCR -- L. C. Robinson reply to no_spam+munged_lcr@onewest.net.invalid People buy MicroShaft for compatibility, but get incompatibility and instability instead. This is award winning "innovation". Find out how MS holds your data hostage with "The *Lens*"; see "CyberSnare" at http://www.netaction.org/msoft/cybersnare.html