View previous topic :: View next topic |
Author |
Message |
detlef Tux's lil' helper
Joined: 04 Dec 2002 Posts: 116 Location: Kassel
|
Posted: Fri Apr 02, 2004 4:36 pm Post subject: [OT]Linux-VIRUS |
|
|
Hi,
Aufgrund der Meldung von http://www.pro-linux.de/news/2004/6651.html hab ich mal mein System gescannt. Der Hammer ist, dass ich hier kein Filesharing betreibe... Schaut nicht wirklich gut aus:
Code: |
/etc/bootsplash/gentoo/images/bootsplash-800x600.jpg: Seems to be infected with Lirpa
.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean
it.
/etc/bootsplash/gentoo/images/gentoo-cad.jpg: Seems to be infected with Lirpa.A. Plea
se see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/silent-800x600.jpg: Seems to be infected with Lirpa.A.
Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/bootsplash-1024x768.jpg: Seems to be infected with Lirp
a.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clea
n it.
/etc/bootsplash/gentoo/images/silent-1600x1200.jpg: Seems to be infected with Lirpa.A
. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean i
t.
/etc/bootsplash/gentoo/images/bootsplash-1600x1200.jpg: Seems to be infected with Lir
pa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to cle
an it.
/etc/bootsplash/gentoo/images/gentoo-kde.jpg: Seems to be infected with Lirpa.A. Plea
se see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/gentoo-kdm.jpg: Seems to be infected with Lirpa.A. Plea
se see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/silent-1280x1024.jpg: Seems to be infected with Lirpa.A
. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean i
t.
/etc/bootsplash/gentoo/images/bootsplash-1280x1024.jpg: Seems to be infected with Lir
pa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to cle
an it.
/etc/bootsplash/gentoo/images/gentoowired.jpg: Seems to be infected with Lirpa.A. Ple
ase see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/gentoo-cycle.jpg: Seems to be infected with Lirpa.A. Pl ease see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/silent-1024x768.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it .
/etc/bootsplash/gentoo/images/gentoo-ice-light2.jpg: Seems to be infected with Lirpa. A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/etc/bootsplash/gentoo/images/gentoo-ice.jpg: Seems to be infected with Lirpa.A. Plea se see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Web/images/h_rgfx.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Web/images/h_logo.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Music/KR-DM1.ogg: Seems to be infected with Lirpa.A. Please see http ://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Music/KR-Tomb-Of-Horus.ogg: Seems to be infected with Lirpa.A. Pleas e see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Music/KR-UT2003-Menu.ogg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Music/KR-From-Below-V2.ogg: Seems to be infected with Lirpa.A. Pleas e see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/ut2003-demo/Music/KR-Infiltrate.ogg: Seems to be infected with Lirpa.A. Please s ee http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/RealPlayer9/Help/pics/unixplay.jpg: Seems to be infected with Lirpa.A. Please se e http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/FileChooserDemo/images/jpgIcon.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/raspberry.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/apple.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/broccoli.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/strawberry.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/kiwi.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/pickle.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/corn.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
/opt/blackdown-jdk-1.4.1/share/demo/jfc/SwingSet2/resources/images/ImageClub/food/banana.jpg: Seems to be infected with Lirpa.A. Please see http://www.st.ryukoku.ac.jp/~kjm/security/memo/ for hints how to clean it.
[...]
|
Jetzt geht der Schei* hier auch schon los...
Gruß
Detlef |
|
Back to top |
|
|
spitzwegerich l33t
Joined: 04 Mar 2003 Posts: 697 Location: Lower Bavaria, Central Europe
|
Posted: Fri Apr 02, 2004 4:39 pm Post subject: |
|
|
Linux-Virus, mach Witze! Da glaub ich doch noch eher an einen Aprilscherz von pro-linux.de... _________________ "Work is the curse of the drinking classes."
-Oskar Wilde |
|
Back to top |
|
|
sOuLjA Guru
Joined: 26 Jul 2002 Posts: 366 Location: germany - hannover
|
Posted: Fri Apr 02, 2004 4:43 pm Post subject: |
|
|
mit welchem prog hast du denn dein rechner gescaned? _________________ Gentoo Linux / gentoo-sources 2.6.28-r1 / fluxbox 1.1.1
Nexoc Osiris S602 / Pentium M 1,4GHZ / 1024 MB RAM / Intel 855GME 64 MB
www.gentooforum.de |
|
Back to top |
|
|
detlef Tux's lil' helper
Joined: 04 Dec 2002 Posts: 116 Location: Kassel
|
Posted: Fri Apr 02, 2004 4:48 pm Post subject: |
|
|
spitzwegerich wrote: | Linux-Virus, mach Witze! Da glaub ich doch noch eher an einen Aprilscherz von pro-linux.de... |
Ooops, hast Recht. Die Meldung ist von gestern- hab ich übersehen. Lirpa rückwärts = April.
Trozdem finde ich solche Meldungen auch als April-Scherz ziemlich bescheuert!
Gruß
Detlef |
|
Back to top |
|
|
sOuLjA Guru
Joined: 26 Jul 2002 Posts: 366 Location: germany - hannover
|
Posted: Fri Apr 02, 2004 4:55 pm Post subject: |
|
|
hehe, gibt noch viel bescheuerte dinge _________________ Gentoo Linux / gentoo-sources 2.6.28-r1 / fluxbox 1.1.1
Nexoc Osiris S602 / Pentium M 1,4GHZ / 1024 MB RAM / Intel 855GME 64 MB
www.gentooforum.de |
|
Back to top |
|
|
NueX Apprentice
Joined: 19 Jun 2003 Posts: 196 Location: Germany
|
Posted: Fri Apr 02, 2004 5:36 pm Post subject: |
|
|
Ist es nicht allein schon sehr merkwürdig, dass die Viren in *.jpg-Dateien stecken sollen? Ich meine dafür bräuchte man ja ne Software, die jpg nicht richtig verarbeitet und man somit Code einschleusen kann. Ich hab noch nie ne ausführbare jpg-Datei gesehen! |
|
Back to top |
|
|
siliconburner Guru
Joined: 02 May 2003 Posts: 300
|
Posted: Fri Apr 02, 2004 6:12 pm Post subject: |
|
|
bei videos, kann dioch auch ne html datei gatsrtet werde, ich hatte es schonmal. video abgespielt, und da ging der browser auf. da kann es doch sein, dass es bei bildern auch noch kommt _________________ living in /dev/null |
|
Back to top |
|
|
pablo_supertux Advocate
Joined: 25 Jan 2004 Posts: 2931 Location: Somewhere between reality and Middle-Earth and in Freiburg (Germany)
|
Posted: Fri Apr 02, 2004 6:29 pm Post subject: |
|
|
sOuLjA wrote: | mit welchem prog hast du denn dein rechner gescaned? |
Auf den Link von prolinux gibt es ein SH Skript zum Runterladen. su eingen und laufen lassen.
Ich hoffe nur, dass das nur ein "Lirpa"-Scherz ist und dass Lirpa nicht ein Zufall ist _________________ A! Elbereth Gilthoniel!
silivren penna míriel
o menel aglar elenath,
Gilthoniel, A! Elbereth! |
|
Back to top |
|
|
Deever Veteran
Joined: 06 Jul 2002 Posts: 1354 Location: Zürich / Switzerland
|
Posted: Fri Apr 02, 2004 11:04 pm Post subject: |
|
|
NueX wrote: | Ist es nicht allein schon sehr merkwürdig, dass die Viren in *.jpg-Dateien stecken sollen? Ich meine dafür bräuchte man ja ne Software, die jpg nicht richtig verarbeitet und man somit Code einschleusen kann. Ich hab noch nie ne ausführbare jpg-Datei gesehen! |
Gehört zwar nicht hierher, aber die Winzigweichlinge haben IIRC mal so eine innovative Sicherheitslücke gebaut. Wüsste aber nicht, wo suchen!
*SCNR*
dev |
|
Back to top |
|
|
moe Veteran
Joined: 28 Mar 2003 Posts: 1289 Location: Potsdam / Germany
|
Posted: Sat Apr 03, 2004 7:08 pm Post subject: |
|
|
Quote: | Ich hoffe nur, dass das nur ein "Lirpa"-Scherz ist und dass Lirpa nicht ein Zufall ist |
Steht doch im von dir geposteten Link auf prolinux in fett (Achtung Aprilscherz!)
Gruss Maurice _________________ Signaturen sind doof. |
|
Back to top |
|
|
spitzwegerich l33t
Joined: 04 Mar 2003 Posts: 697 Location: Lower Bavaria, Central Europe
|
Posted: Sat Apr 03, 2004 8:43 pm Post subject: |
|
|
moe wrote: |
Steht doch im von dir geposteten Link auf prolinux in fett (Achtung Aprilscherz!) |
Das wurde erst nachträglich eingefügt, glaube ich. _________________ "Work is the curse of the drinking classes."
-Oskar Wilde |
|
Back to top |
|
|
moe Veteran
Joined: 28 Mar 2003 Posts: 1289 Location: Potsdam / Germany
|
Posted: Sat Apr 03, 2004 11:25 pm Post subject: |
|
|
Mich würd ja mal interessieren, wieviele aufgrund dieses Scherzes harmlose jpg-Dateien gelöscht haben.. Aber wird wohl kaum einer zugeben
Ganz in Ordnung find ich das aber auch nicht, sicher hätt es vielen Leuten klar sein müssen dass ein jpg (zumindestens unter Linux) keinen ausführbaren Code enthalten kann, aber manchen geht Sicherheit vor evtl. gefährliches Halbwissen..
Da hätt ich ne Story dass z.B. SCO jetzt auch Rechte am Kernel von Win NT hat viel lustiger gefunden..
Gruss Maurice _________________ Signaturen sind doof. |
|
Back to top |
|
|
Fibbs Guru
Joined: 26 Jan 2003 Posts: 448 Location: Forstern near Munich / Germany
|
Posted: Sun Apr 04, 2004 3:18 am Post subject: |
|
|
Herrlich,
hab das Posting und die Antworten erst jetzt gelesen und mich prächtig amüsiert... Danke! |
|
Back to top |
|
|
|