Linux Worm Not a Significant Threat

Discussion in 'News' started by tripwire45, Nov 8, 2005.

  1. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster


    Linux Worm Not a Significant Threat

    A worm targeting Linux by exploiting Web server holes has been spotted, although doesn't pose a significant threat. Linux.Plupiin spreads by exploiting holes in PHP/CGI, according to McAfee. It is a derivative of the Linux/Slapper and BSD/Scalper worms and attacks by sending malicious HTTP requests on port 80. If the server is configured to permit external shell commands and remote file download, the worm could be downloaded and executed. It can also harvest e-mail addresses stored in Web server files.

    To read the complete story, click Here
    Certifications: A+ and Network+


    1. Boycie
      Interesting Trip. I thought you didn't need Anti-virus on Linux unless you are running a server :blink
    2. tripwire45
      This is a worm aimed primarily at Linux web servers but only those running very specific modules.

      EDIT: Try THIS link.
    3. ffreeloader
      And with a very specific configuration that is an inherently unsafe way to run a web server. A lot of things have to be just right before this thing will run, and even then it isn't going to harm the system itself.

      It doesn't target Linux as much as it targets the Apache web server CGI scripts written using PHP. They just happen to be running on a lot of Apache web servers running on Linux.

      This is not a worm that attacks the OS. If it really opened a backdoor into the OS it would install a rootkit and that would make it very difficult to detect and remove, so the article stating that it opens a backdoor into the computer is a little bit deceiving. It's installing itself in the web server directories and then reading web server files. It's not actually getting into the host computer as such unless someone has set Apache file permissions up in a really bizarre manner. The www-data group doesn't even have read permissions, let alone write permissions, outside of the web server files in an Apache server that is set up correctly.

    Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.