Question regarding future viruses .. - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Question regarding future viruses ..

  1. #11
    Senior Member
    Join Date
    Oct 2003
    Posts
    707
    Nihil I think that the virus that you are talking about is called "W32.Winux" or also known as "W32/Lindose.2132". Please feel free to correct me if I am wrong.


    W32.Winux is not a platform-independent virus. W32.Winux's initial injection point must be a Windows machine -- it cannot start by infecting a Linux box. Once it infects a Windows computer though, it starts looking for certain files under the Windows file system and the Linux file systems. When it finds what it's looking for, it opens files and inserts code.

    It initially infects a Windows system and seeks out certain Windows files (PE file types, which include .exe files). W32.Winux's uniqueness stems from the fact that it doesn't stop there. After infecting a Windows system, W32.Winux then starts looking through the system for any known Linux files -- for instance, through shared file systems or remote drives. It looks through those for Linux ELF files, which also include Linux system binaries.
    Here's a link to learn a little more about it ...
    http://us.mcafee.com/virusInfo/defau...&virus_k=99060

    Is this the virus which you were talking about ? Will it ever be possible for virus writers to create a collection of viruses which would be able to cripple the Net ? Or would that just be impossible ?

    Seeing as technology increases every year and people wanting to have networked homes I think that this would just give a virus writer another challenge to create a virus which would create quite some chaos. Imagine waking up at 3:00 a.m. to hear your stereo blarring or you tv turned on ... I am probably going a little overboard but who can say that this will not be possible in a couple of years from now ...
    Operation Cyberslam
    \"I\'ve noticed that everybody that is for abortion has already been born.\" Author Unknown
    Microsoft Shared Computer Toolkit
    Proyecto Ututo EarthCam

  2. #12
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hi, Agent_Steal,

    Well done! that is exactly the one I was talking about. April 2001, so I must have read the advisories about 2.5 years ago. I guess the only reason I remember it is because it was so unusual because of its cross platform capabilities. As the write up says it was "proof of concept" and not in the wild.

    I do not think that crippling the Net will come from a complex cross platform virus. They would be too complicated to write and too big.

    I think that the real danger lies in the structure of the Net itself? Looking back on personal experiences and what I have read (I am talking commercial/institutional environments here) what seems to happen is that one of these things attacks, spreads so far, then the sheer volume of traffic crashes the servers. In the past this has given us the breathing space to do the clean up and patching?

    Over the last couple of years there has been a preponderance of mass mailers and network aware worms, exploiting vulnerabilities in operating systems. These spread very rapidly and have caused areas of the Net to collapse under the sheer volume. In a way they are more similar to DoS attacks in that they are more brute force and ignorance than guile and stealth.

    So far (thank God!) no-one has managed to bring the two approaches together. The fact that the individual elements of the Net have been unable to cope with the traffic has, perversely, acted as a form of protection.

    Today we have PCs running at 3GHz and everyone wants faster and faster connections (Cable, Satellite, ADSL) so we are infact creating an environment in which the scenario you suggest is more likely? We are providing the environment....it could not have happened in the days of 486s and 14.4 dial-up connections.

    Home networking increases the number of infected machines as several recent mass mailers have also been network aware. If you and your brother both have separate machines, you won't be in his address book and vice versa? if you are both on a home network, that protection is gone?

    To achieve the disaster you envisage would require subtly infecting a large number of machines Worldwide with a "sleeping" virus, then unleashing it simultaneously. This would crash the net, either through overload or by forcing admins to shut down.

    If you want to see something really frightening, look up the analyses of the Magistr virus, in particular the one by Kaspersky Labs. There are some very competent bad guys out there

    Just my 0.02

    Sorry for the rant

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #13
    I think that the real danger lies in the structure of the Net itself?
    And Bill Gates wonders why he cant have a monopoly. One virus for all platforms. Hrm.....

    To achieve the disaster you envisage would require subtly infecting a large number of machines Worldwide with a "sleeping" virus, then unleashing it simultaneously. This would crash the net, either through overload or by forcing admins to shut down.
    The internet is a collection of everybody's computer that is connected in a huge network, WAN; basically a larger LAN. The difference is that to connect you need providers. Say you had a LAN setup like this...


    Comp5
    Comp6 - | - Comp3 - Comp2 - Comp1 ->Internet
    Comp4

    To disable this all you have to do is take down Comp1. The same idea is with the internet, take out major providers would basically cripple the internet. That is the downfall of commercializing the internet.

    -Cheers-

    PS: The network pic sucks.. Also, I've never administrated a network, but that does sound like a pain in the ass Nihil.

  4. #14
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Hi PM8228,

    I see what you are getting at and have read articles about various countries having hundreds of people working in their "cyberwarfare" departments.

    That is a bit different to this thread?

    1. It is targeted
    2. It is funded
    3. It requires considerable resources working as a team?

    I think that Agent_Steals scenario is more of a "cluster bomb" than a sniping rifle? I think it will be more a case of ensuring that there are sufficient sources of infection distributed across the Net, than on specific targeting of strategic nodes.

    My main reason for this argument is that I don't think that the bad guys are numerous enough or organised enough for global specific targetting. I just hope that I am right, as your scenario would obviously be much more efficient

    Cheers
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides