SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Technology Stocks : How high will Microsoft fly?
MSFT 474.82-0.8%3:59 PM EST
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
To: Al Bearse who started this subject1/17/2001 1:07:51 PM
From: DiViT  Read Replies (1) of 74651
 
Linux is secure...

Internet worm squirms into Linux servers
By Robert Lemos
Special to CNET News.com
January 17, 2001, 9:25 a.m. PT
An Internet worm cobbled together from generally available hacking tools has compromised hundreds, perhaps thousands, of Linux servers by using two well-known security flaws in applications set up during the default installation of Red Hat Linux software.

Known as the Ramen worm, the self-spreading program appears to have been created by common Internet vandals--called script kiddies. As of Wednesday morning, the worm was continuing to spread.

The worm spreads by scanning the Internet for servers based on Red Hat 6.2 or 7.0 and then attempts to gain access using two common exploits. When it does gain access, it installs a so-called root kit, which patches the security holes and installs special programs that replace common system functions. Ramen also replaces the main page on Web servers with an HTML file claiming: "RameN Crew--Hackers looooooooooooove noodles."

Finally, the new worm sends an e-mail message to two Web-based accounts, boots up and starts scanning the Internet again.

Spitzner and other security experts on the Bugtraq mailing list detected the worm earlier this week when they noticed an increase in scans for the RPC.statd and wu-FTP vulnerabilities that plague the default installations of most Linux servers. The worm, however, limits its spread to servers based on Red Hat 6.2 and 7.0.

news.cnet.com
Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2025 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News