[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [michellh@LinuxMall.com: Re: [seul-edu] I love progress]



On Fri, May 05, 2000 at 03:34:43PM -0400, Roger Dingledine wrote:
> From: Michelle Head <michellh@LinuxMall.com>
> 
> Need immediate help for a story going out in 2 hours.  Are any of you
> using a Linux box in your business as an email server--and is it
> affected more or less than other OSs by the ILOVEYOU and JOKE viruses?
 
We use Linux here at seul.org, for email as well as other services.
We got a number of copies of the virus sent through. My sendmail
treated them as normal text just like all the other text. So the short
answer is: I wasn't affected at all. Not one bit.

Now, the point of the virus is that it spreads via people *reading* it,
so if people sent mail from an infected windows machine to an infected
windows machine, via a seul.org address, then it could still spread.
There's nothing magical about Linux such that it strips the virus out.

I believe there are a number of articles on Freshmeat and elsewhere from
high-profile people like ESR saying "No, Windows viruses don't work on us."

From a technical standpoint, they just don't affect us. There's no reason
to try to build case studies or hear from Linux users about whether they
were affected -- they weren't.

Technicality: I bet the virus would still affect you if you were running
word via vmware. But then, that was a "windows machine" it was attacking,
even if it was a virtual windows machine. (If you don't understand this
technicality, you can safely ignore it.)

The way to attack Linux machines is through trojans -- bug the
distribution packages (rpms, etc) and then you infect each user who
downloads that package, until somebody notices the problem. Historically,
we're pretty good at noticing quickly (so far).

Hope this helps (if not this time, for next time),
--Roger (wearing his MIT Network Security Consultant hat)