[luau] New Linux Worm Threatens Serious Denial Of Service Attacks Sept. 16, 2002

Warren Togami warren at togami.com
Tue Sep 17 20:06:00 PDT 2002 

This particular Linux worm, and the worms Code Red & Nimda that
destroyed many Windows servers were only successful because so many
people NEVER apply updates.  Patches for OpenSSL (in this case) or IIS
(for Nimda and Code Red) were out for months by the time the worm began
to spread.

You would be surprised how many people on this list don't apply updates,
or are even aware of the automating updating tools in their Red Hat or
Mandrake installation.  Even more surprising is how often I get into
arguments with people that refuse to update their systems.  They usually
have reasons along the lines of, "My system isn't important.  Why would
anyone want to crack me?"

This type of thinking is wrong, because systems that are "not important"
are usually also poorly maintained and poorly monitored.  This means
that crackers want to hijack your box in order to use as a relay from
which they can attack other targets almost without being traced.  If
your system is poorly monitored and maintained, they are likely to be
able to use your system as an attack relay for a longer period of time. 
Other crackers may host warez downloads or steal personal data from your
computer... both of which will cause problems for you.

These people think, "It wont happen to me." but it sure will if they
don't apply updates.

These people think applying updates is too hard.  Well, it isn't! 
Almost every Linux distribution now has some type of automated updating
tool, most of which are as easy as point & click.  Here's a list of
several:

Red Hat		up2date
Mandrake	rpmdrake or urpmi
SuSE		YAST2
Debian		apt-get
Conectiva	apt-rpm
Gentoo		emerge

Spend a small amount of effort now and figure out how these automated
updating tools work. Much better than spending much effort later after
your box gets cracked, data destroyed, your bandwidth wasted and
personal information stolen.

If you would like more information about how to use automated updating
tools in any specific distribution, please ask and someone will
elaborate.

Warren Togami
warren at togami.com

More information about the LUAU mailing list