Is This the Dawn of the Linux Worms?
Don Erickson
derick at zeni.net
Tue Nov 15 14:55:53 CST 2005
On Tue, 15 Nov 2005, Garrett Goebel wrote:
> No. The worm that is mentioned, luppi, exploits vulnerabilities in PHP...
Yes, the XML-RPC vulnerability in PHP, awstats, and WebHints, which I am
not familar with.
While you are correct that these holes aren't in Linux itself, they are
holes in programs that are distributed with and run on linux. Since all
of these holes have been patched and a simple upgrade will fix them, I
think that people running apache on linux should be aware of the worm's
existence.
This looks like an excellent time to bring up a central point of
Microsoft's "Linux is less secure than Windows" argument, which goes like
this: "Linux is less secure than Windows because there were only 4,765
security alerts issued for Windows last year, but there were 7,325 alerts
for unix & linux systems." Feel free to insert bogus statistics of your
choice.
The problem with this argument is that Linux distributions take
responsibility for 3rd party code that they package to run on their dist.
Windows only counts security alerts for code that they author/maintain.
Nobody's blaming Windows for the Sony "rootkit", for example, yet any
advisories about (sometimes trivially minor) security holes in code that
runs on Linux get counted as a "Linux Security Threat."
Regards,
-Don
More information about the Kclug
mailing list