From what I briefly read this morning, you could be one of the people

contributing to the Windows problems, blissfully unaware that you are doing

so.. you could also be infecting other Linux systems, making them carriers

too, and you think that is a good thing?

On Thu, 5 Jul 2007 09:35:52 -0400, "Richard Urban"

<richardurbanREMOVETHIS@hotmail.com> wrote:

>Alias will refuse to believe "any" of this. He has placed his head where the

>sun doesn't shine.

 

I don't take anything you say seriously and do wonder how you became a

MVP since I haven't seen you demonstrate even minimal technical

knowledge on any topic yet. Who are you trying to fool Richie?

"Alias" <aka@maskedandanonymous.info> wrote in message

news:u9nl1pvvHHA.3588@TK2MSFTNGP06.phx.gbl...

>

> Back to the present. Use Ubuntu and never worry about a virus, root kit or

> any other malware. http://www.ubuntu.com/

>

> Alias

 

 

Where do you think the term "root kit" came from? Is there a root user in

Windows?

 

--

Kerry Brown

Microsoft MVP - Shell/User

http://www.vistahelp.ca

* Alias:

> MICHAEL wrote:

>> * Alias:

>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other

>>> malware. http://www.ubuntu.com/

>> http://www.ussrback.com/UNIX/penetration/rootkits/

>>

>> http://www.juniper.net/security/auto/vulnerabilities/vuln737.html

>> Linux Rootkit II is a collection of publicly available Trojan utilities that target vulnerable

>> Linux operating systems.

>>

>> http://linuxhelp.blogspot.com/2006/12/various-ways-of-detecting-rootkits-in.html

>> Consider this scenario... Your machine running GNU/Linux has been penetrated by a hacker without

>> your knowledge and he has swapped the passwd program which you use to change the user password

>> with one of his own. His passwd program has the same name as the real passwd program and works

>> flawlessly in all respects except for the fact that it will also gather data residing on your

>> machine such as the user details each time it is run and transmit it to a remote location or it

>> will open a back door for outsiders by providing easy root access and all the time, you will

>> not be aware of its true intention. This is an example of your machine getting rooted - another

>> way of saying your machine is compromised. And the passwd program which the hacker introduced

>> into your machine is a trojaned rootkit.

>>

>> http://sourceforge.net/projects/checkps/

>>

>> http://www.chkrootkit.org/

>> http://en.wikipedia.org/wiki/Chkrootkit

>>

>> http://www.rootkit.nl/projects/rootkit_hunter.html

>> http://linux.softpedia.com/get/Security/Rootkit-Hunter-4460.shtml

>> http://en.wikipedia.org/wiki/Rkhunter

>>

>> http://www.zeppoo.net/

>> Zeppoo allows you to detect rootkits on the i386 architecture under Linux by using /dev/kmem

>> and /dev/mem. It can also detect hidden tasks, modules, syscalls, some corrupted symbols, and

>> hidden connections.

>>

>> http://www.theregister.co.uk/2002/09/19/linux_rootkit_hacker_suspect_arrested/

>> A 21-year old from Surbiton, Surrey has been arrested on suspicion of writing and distributing

>> the T0rn rootkit, which dumbs down the process of hacking Linux servers.

>>

>> http://vancouver-webpages.com/rkdet/

>> This program is a daemon intended to catch someone installing a rootkit or running a packet

>> sniffer. It is designed to run continually with a small footprint under an innocuous name. When

>> triggered, it sends email, appends to a logfile, and disables networking or halts the system.

>> it is designed to install with the minimum of disruption to a normal multiuser system, and

>> should not require rebuilding with each kernel change or system upgrade.

>>

>> http://www.sans.org/resources/malwarefaq/t0rn_rootkit.php

>> In most cases, it's quite easy to exploit a given vulnerability and gain root access to a

>> system. What's an actual challenge to an attacker is to maintain such privileges and remain

>> stealthy.

>>

>> There are many options to accomplish this goal, such as deleting log files, installing rootkits

>> and kernel rootkits. The main concepts described here are applicable to the most rootkits

>> available.

>>

>> One of the most known rootkits available for Linux platform is the t0rn rootkit, created by

>> J0hnny7. The version showed at this paper (the first one published) uses pre-compiled binaries

>> and its structure is based on Linux Rootkit (LRK).

>>

>> http://www.la-samhna.de/library/rootkits/index.html

>> the Linux Kernel Rootkits paper

>>

>> http://search.techrepublic.com.com/search/Linux+and+rootkit.html

>>

>> http://www.linuxforums.org/forum/linux-security/2510-linux-has-rootkit-problem.html

>>

>> http://www.linuxsecurity.com/content/view/127202/171/

>> 26 February 2007

>>

>> Overview

>> A rootkit is a group of software tools which an attacker can use to hide their tracks. A

>> rootkit can also contain software which allows the attacker to get root access and steal or

>> remove files on a system. Another goal for a rootkit is for the attacker to maintain access to

>> the hijacked computer. Rootkits are written for many different operating systems however, this

>> article will only talk about Linux rootkits.

>

> Possibilities, possibilities ... How many Linux boxes have been

> compromised compared to Windows boxes?

 

"Use Ubuntu and never worry about a virus, root kit

or any other malware." -Alias

 

You said "never", you were wrong.

 

"Absolute truth" is for absolute fools.

 

 

-Michael

* Alias:

> MICHAEL wrote:

>> http://www.linuxsecurity.com/content/view/127202/171/

>> 26 February 2007

>>

>> Overview

>> A rootkit is a group of software tools which an attacker can use to hide their tracks. A

>> rootkit can also contain software which allows the attacker to get root access and steal or

>> remove files on a system. Another goal for a rootkit is for the attacker to maintain access to

>> the hijacked computer. Rootkits are written for many different operating systems however, this

>> article will only talk about Linux rootkits.

>

> Possibilities, possibilities ... How many Linux boxes have been

> compromised compared to Windows boxes?

 

"Use Ubuntu and never worry about a virus, root kit

or any other malware." -Alias

 

You said "never", you were wrong.

 

"Absolute truth" is for absolute fools.

 

 

-Michael

> Possibilities, possibilities ... How many Linux boxes have been

> compromised compared to Windows boxes?

 

 

Linux users and Windows users Percentage wise both. Linux has just as many as Windows. The difference being on how many Linux OS's compared to Windows OS's

 

If you turn around the amount of users of Linux and Windows you will find that Linux will have more and Windows less

 

The point is that Linux is just as much at risk for infections as is Windows but on a much smaller case on account of users

 

--

Peter

 

Please Reply to Newsgroup for the benefit of others

Requests for assistance by email can not and will not be acknowledged.

 

"Alias" <aka@maskedandanonymous.info> wrote in message news:OW7D%23qwvHHA.4384@TK2MSFTNGP02.phx.gbl...

> MICHAEL wrote:

>>

>> * Alias:

>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other

>>> malware. http://www.ubuntu.com/

>>

>> http://www.ussrback.com/UNIX/penetration/rootkits/

>>

>> http://www.juniper.net/security/auto/vulnerabilities/vuln737.html

>> Linux Rootkit II is a collection of publicly available Trojan utilities that target vulnerable

>> Linux operating systems.

>>

>> http://linuxhelp.blogspot.com/2006/12/various-ways-of-detecting-rootkits-in.html

>> Consider this scenario... Your machine running GNU/Linux has been penetrated by a hacker without

>> your knowledge and he has swapped the passwd program which you use to change the user password

>> with one of his own. His passwd program has the same name as the real passwd program and works

>> flawlessly in all respects except for the fact that it will also gather data residing on your

>> machine such as the user details each time it is run and transmit it to a remote location or it

>> will open a back door for outsiders by providing easy root access and all the time, you will

>> not be aware of its true intention. This is an example of your machine getting rooted - another

>> way of saying your machine is compromised. And the passwd program which the hacker introduced

>> into your machine is a trojaned rootkit.

>>

>> http://sourceforge.net/projects/checkps/

>>

>> http://www.chkrootkit.org/

>> http://en.wikipedia.org/wiki/Chkrootkit

>>

>> http://www.rootkit.nl/projects/rootkit_hunter.html

>> http://linux.softpedia.com/get/Security/Rootkit-Hunter-4460.shtml

>> http://en.wikipedia.org/wiki/Rkhunter

>>

>> http://www.zeppoo.net/

>> Zeppoo allows you to detect rootkits on the i386 architecture under Linux by using /dev/kmem

>> and /dev/mem. It can also detect hidden tasks, modules, syscalls, some corrupted symbols, and

>> hidden connections.

>>

>> http://www.theregister.co.uk/2002/09/19/linux_rootkit_hacker_suspect_arrested/

>> A 21-year old from Surbiton, Surrey has been arrested on suspicion of writing and distributing

>> the T0rn rootkit, which dumbs down the process of hacking Linux servers.

>>

>> http://vancouver-webpages.com/rkdet/

>> This program is a daemon intended to catch someone installing a rootkit or running a packet

>> sniffer. It is designed to run continually with a small footprint under an innocuous name. When

>> triggered, it sends email, appends to a logfile, and disables networking or halts the system.

>> it is designed to install with the minimum of disruption to a normal multiuser system, and

>> should not require rebuilding with each kernel change or system upgrade.

>>

>> http://www.sans.org/resources/malwarefaq/t0rn_rootkit.php

>> In most cases, it's quite easy to exploit a given vulnerability and gain root access to a

>> system. What's an actual challenge to an attacker is to maintain such privileges and remain

>> stealthy.

>>

>> There are many options to accomplish this goal, such as deleting log files, installing rootkits

>> and kernel rootkits. The main concepts described here are applicable to the most rootkits

>> available.

>>

>> One of the most known rootkits available for Linux platform is the t0rn rootkit, created by

>> J0hnny7. The version showed at this paper (the first one published) uses pre-compiled binaries

>> and its structure is based on Linux Rootkit (LRK).

>>

>> http://www.la-samhna.de/library/rootkits/index.html

>> the Linux Kernel Rootkits paper

>>

>> http://search.techrepublic.com.com/search/Linux+and+rootkit.html

>>

>> http://www.linuxforums.org/forum/linux-security/2510-linux-has-rootkit-problem.html

>>

>> http://www.linuxsecurity.com/content/view/127202/171/

>> 26 February 2007

>>

>> Overview

>> A rootkit is a group of software tools which an attacker can use to hide their tracks. A

>> rootkit can also contain software which allows the attacker to get root access and steal or

>> remove files on a system. Another goal for a rootkit is for the attacker to maintain access to

>> the hijacked computer. Rootkits are written for many different operating systems however, this

>> article will only talk about Linux rootkits.

>

> Possibilities, possibilities ... How many Linux boxes have been

> compromised compared to Windows boxes?

>

> Alias

I do not suffer fools gladly, and fools who ignore facts never. :-)

 

 

-Michael

 

* Mike Hall - MVP:

> I see that you are not taking any prisoners today.. :-)

>

>

> "MICHAEL" <u158627_emr2@dslr.net> wrote in message

> news:udVstfwvHHA.736@TK2MSFTNGP06.phx.gbl...

>>

>> * Alias:

>>> Back to the present. Use Ubuntu and never worry about a virus, root kit

>>> or any other

>>> malware. http://www.ubuntu.com/

>> http://www.ussrback.com/UNIX/penetration/rootkits/

>>

>> http://www.juniper.net/security/auto/vulnerabilities/vuln737.html

>> Linux Rootkit II is a collection of publicly available Trojan utilities

>> that target vulnerable

>> Linux operating systems.

>>

>> http://linuxhelp.blogspot.com/2006/12/various-ways-of-detecting-rootkits-in.html

>> Consider this scenario... Your machine running GNU/Linux has been

>> penetrated by a hacker without

>> your knowledge and he has swapped the passwd program which you use to

>> change the user password

>> with one of his own. His passwd program has the same name as the real

>> passwd program and works

>> flawlessly in all respects except for the fact that it will also gather

>> data residing on your

>> machine such as the user details each time it is run and transmit it to a

>> remote location or it

>> will open a back door for outsiders by providing easy root access and all

>> the time, you will

>> not be aware of its true intention. This is an example of your machine

>> getting rooted - another

>> way of saying your machine is compromised. And the passwd program which

>> the hacker introduced

>> into your machine is a trojaned rootkit.

>>

>> http://sourceforge.net/projects/checkps/

>>

>> http://www.chkrootkit.org/

>> http://en.wikipedia.org/wiki/Chkrootkit

>>

>> http://www.rootkit.nl/projects/rootkit_hunter.html

>> http://linux.softpedia.com/get/Security/Rootkit-Hunter-4460.shtml

>> http://en.wikipedia.org/wiki/Rkhunter

>>

>> http://www.zeppoo.net/

>> Zeppoo allows you to detect rootkits on the i386 architecture under Linux

>> by using /dev/kmem

>> and /dev/mem. It can also detect hidden tasks, modules, syscalls, some

>> corrupted symbols, and

>> hidden connections.

>>

>> http://www.theregister.co.uk/2002/09/19/linux_rootkit_hacker_suspect_arrested/

>> A 21-year old from Surbiton, Surrey has been arrested on suspicion of

>> writing and distributing

>> the T0rn rootkit, which dumbs down the process of hacking Linux servers.

>>

>> http://vancouver-webpages.com/rkdet/

>> This program is a daemon intended to catch someone installing a rootkit or

>> running a packet

>> sniffer. It is designed to run continually with a small footprint under an

>> innocuous name. When

>> triggered, it sends email, appends to a logfile, and disables networking

>> or halts the system.

>> it is designed to install with the minimum of disruption to a normal

>> multiuser system, and

>> should not require rebuilding with each kernel change or system upgrade.

>>

>> http://www.sans.org/resources/malwarefaq/t0rn_rootkit.php

>> In most cases, it's quite easy to exploit a given vulnerability and gain

>> root access to a

>> system. What's an actual challenge to an attacker is to maintain such

>> privileges and remain

>> stealthy.

>>

>> There are many options to accomplish this goal, such as deleting log

>> files, installing rootkits

>> and kernel rootkits. The main concepts described here are applicable to

>> the most rootkits

>> available.

>>

>> One of the most known rootkits available for Linux platform is the t0rn

>> rootkit, created by

>> J0hnny7. The version showed at this paper (the first one published) uses

>> pre-compiled binaries

>> and its structure is based on Linux Rootkit (LRK).

>>

>> http://www.la-samhna.de/library/rootkits/index.html

>> the Linux Kernel Rootkits paper

>>

>> http://search.techrepublic.com.com/search/Linux+and+rootkit.html

>>

>> http://www.linuxforums.org/forum/linux-security/2510-linux-has-rootkit-problem.html

>>

>> http://www.linuxsecurity.com/content/view/127202/171/

>> 26 February 2007

>>

>> Overview

>> A rootkit is a group of software tools which an attacker can use to hide

>> their tracks. A

>> rootkit can also contain software which allows the attacker to get root

>> access and steal or

>> remove files on a system. Another goal for a rootkit is for the attacker

>> to maintain access to

>> the hijacked computer. Rootkits are written for many different operating

>> systems however, this

>> article will only talk about Linux rootkits.

>

* Alias:

> MICHAEL wrote:

>> * Alias:

>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other

>>> malware. http://www.ubuntu.com/

>> http://www.sans.org/reading_room/whitepapers/linux/901.php

>> Linux RootKits For Beginners - From Prevention to Removal

>>

>> One day while reading a mail list for the Linux Users Group in my hometown I discovered a call

>> for help. It was a posting from a novice Linux user with a disturbing issue. While doing some

>> routine checks on a Linux system, he found a user that had been added to the system with the

>> user id of 0 (root). His first thought was that it might be a rootkit. He wanted to know what

>> he could do to verify it was a rootkit and how to remove it from the system. He further asked

>> for suggestions on preventative measures to ensure this kind of attack does not reoccur. That

>> situation prompted me to write this paper to an understanding of rootkits and its effects. This

>> paper will also discuss how to monitor for a rootkit, and the steps that need to be taken to

>> remove one.

>>

>

> I never said that a firewall wasn't necessary. Ubuntu comes with one

> built-in. I would also recommend a router hard firewall.

 

"Use Ubuntu and never worry about a virus, root kit

or any other malware." -Alias

 

You said "never", you were wrong.

 

"Absolute truth" is for absolute fools.

 

 

-Michael

Spirit wrote:

> Not exactly accurate :

>

---------------------------------------

He never let the facts get in his way of outright lying.

Frank

"Mike Hall - MVP" <mikehall@mvps.org> wrote in message

news:eEs1AxwvHHA.4800@TK2MSFTNGP05.phx.gbl...

> Alias

>

> Even the educated Linux community are laughing at you.. I have never come

> across anybody so deep into denial as you.. absolutely stunning..

>

>

>

>

>

 

There are a lot more, than just the educated Linux community, laughing at

him...

 

 

 

--

Don

Mike Hall - MVP wrote:

> Alias

>

> Even the educated Linux community are laughing at you.. I have never

> come across anybody so deep into denial as you.. absolutely stunning..

>

 

No proof, eh (insults don't qualify as proof)? Everyone act surprised.

 

Alias

Spirit wrote:

> This is where you are DEAD WRONG? Windows, because of its

> popularity, is attacked more often. It is NOT because it is inherently

> more susceptible. Seems folks that write the malware really like to

> see it do as much damage as possible.

>

> Saying that Linux has less to worry about presently is true. Saying it's

> because it's a fundamentally more sound OS is not even close.

>

> "Alias" <aka@maskedandanonymous.info> wrote in message

> news:eDCvIqwvHHA.4384@TK2MSFTNGP02.phx.gbl...

>> Mike Hall - MVP wrote:

>>> Alias

>>>

>>> You are way too smug regarding how safe you believe Linux/Unix to be..

>>>

>>> One of the articles below explains how a Linux system can be a virus

>>> carrier without the user ever knowing.. this situation is every bit

>>> as bad as a Windows system that has been breached.. the others are

>>> from different years, but all alerting to the fact that Linux/Unix

>>> and MAC are not 100% virus immune..

 

Got proof? Didn't think so.

 

Alias

>>>

>>> I have yet to come across a 'true' Linux professional who would put

>>> their name to the misleading claims made by you.. your anti-MS stance

>>> is blinding you to the realities of ANY OS.. that makes you dangerous..

>>

>> Care to give me proof that a Linux box has been compromised? Can't?

>> Didn't think so. Shall we compare the number of Windows boxes that are

>> a part of a bot-herd to Linux? Didn't think so.

>>

>> Fact is that Windows is MUCH more susceptible than Ubuntu and, in the

>> unlikely case that one's Ubuntu box has become infected, all one need

>> do is nuke the user, create another one and restore the back up.

>>

>> Alias

>>>

>>>

>>> "Alias" <aka@maskedandanonymous.info> wrote in message

>>> news:eS2gVRwvHHA.3468@TK2MSFTNGP05.phx.gbl...

>>>> Richard Urban wrote:

>>>>> Alias doesn't know about the history of his operating system of

>>>>> choice to know that rootkits were developed for Unix and are 100%

>>>>> effective in Linux/Ubuntu.

>>>>>

>>>>

>>>> Yet there are no reports of this possibility happening so go figure.

>>>>

>>>> Alias

>>>

>

Mike Hall - MVP wrote:

> From what I briefly read this morning, you could be one of the people

> contributing to the Windows problems, blissfully unaware that you are

> doing so.. you could also be infecting other Linux systems, making them

> carriers too, and you think that is a good thing?

>

 

Proof please. Oh, you don't provide proof, only supercilious insults.

 

Alias

Peter Foldes wrote:

>> Possibilities, possibilities ... How many Linux boxes have been

>> compromised compared to Windows boxes?

>

>

> Linux users and Windows users Percentage wise both. Linux has just as many as Windows. The difference being on how many Linux OS's compared to Windows OS's

>

> If you turn around the amount of users of Linux and Windows you will find that Linux will have more and Windows less

>

> The point is that Linux is just as much at risk for infections as is Windows but on a much smaller case on account of users

>

 

And, so far, no one here has provided ONE CASE where a Linux box got

infected. All you've provided are theories and insults.

 

Yawn.

 

Alias

MICHAEL wrote:

>

> * Alias:

>> MICHAEL wrote:

>>> * Alias:

>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other

>>>> malware. http://www.ubuntu.com/

>>> http://www.sans.org/reading_room/whitepapers/linux/901.php

>>> Linux RootKits For Beginners - From Prevention to Removal

>>>

>>> One day while reading a mail list for the Linux Users Group in my hometown I discovered a call

>>> for help. It was a posting from a novice Linux user with a disturbing issue. While doing some

>>> routine checks on a Linux system, he found a user that had been added to the system with the

>>> user id of 0 (root). His first thought was that it might be a rootkit. He wanted to know what

>>> he could do to verify it was a rootkit and how to remove it from the system. He further asked

>>> for suggestions on preventative measures to ensure this kind of attack does not reoccur. That

>>> situation prompted me to write this paper to an understanding of rootkits and its effects. This

>>> paper will also discuss how to monitor for a rootkit, and the steps that need to be taken to

>>> remove one.

>>>

>> I never said that a firewall wasn't necessary. Ubuntu comes with one

>> built-in. I would also recommend a router hard firewall.

>

> "Use Ubuntu and never worry about a virus, root kit

> or any other malware." -Alias

>

> You said "never", you were wrong.

>

> "Absolute truth" is for absolute fools.

>

>

> -Michael

 

Is there an echo in here? If one has Ubuntu that comes with a firewall

and a router with a firewall how, pray tell, will anyone install a root kit?

 

Alias

Kerry Brown wrote:

> "Alias" <aka@maskedandanonymous.info> wrote in message

> news:u9nl1pvvHHA.3588@TK2MSFTNGP06.phx.gbl...

>>

>> Back to the present. Use Ubuntu and never worry about a virus, root

>> kit or any other malware. http://www.ubuntu.com/

>>

>> Alias

>

>

> Where do you think the term "root kit" came from? Is there a root user

> in Windows?

>

 

Hence the need for a firewall which Ubuntu provides. Oops.

 

Alias

Alias wrote:

 

>

> Got proof? Didn't think so.

>

 

----------------------------------

Got proof it is? Didn't think so?

You're pathetic!

Frank

Frank wrote:

> Alias wrote:

>

>

>>

>> Got proof? Didn't think so.

>>

>

> ----------------------------------

> Got proof it is? Didn't think so?

> You're pathetic!

> Frank

 

Um, insults and a lack of reading comprehension on your part do not

qualify as proof.

 

Alias

Alias wrote:

> Frank wrote:

>

>> Alias wrote:

>>

>>

>>>

>>> Got proof? Didn't think so.

>>>

>>

>> ----------------------------------

>> Got proof it is? Didn't think so?

>> You're pathetic!

>> Frank

>

>

> Um, insults and a lack of reading comprehension on your part do not

> qualify as proof.

>

> Alias

--------------------------

 

How stupid can one person be? hahaha...no need to ask. Hey butt munch,

prove your statement or STFU!

Frank

Alias wrote:

> Kerry Brown wrote:

>

>> "Alias" <aka@maskedandanonymous.info> wrote in message

>> news:u9nl1pvvHHA.3588@TK2MSFTNGP06.phx.gbl...

>>

>>>

>>> Back to the present. Use Ubuntu and never worry about a virus, root

>>> kit or any other malware. http://www.ubuntu.com/

>>>

>>> Alias

>>

>>

>>

>> Where do you think the term "root kit" came from? Is there a root user

>> in Windows?

>>

>

> Hence the need for a firewall which Ubuntu provides. Oops.

>

> Alias

 

Oops...Oops...Oops...could you possibly shove your feet any further down

your throat?

Try harder!

Oops!

You're a real side show freak.

Frank

Because the user gives it permission, albeit unwittingly? How do you think

systems get infected?

 

Re proof, two of us have provided reading material from Linux sources.. can

you not read and comprehend them?

 

 

"Alias" <aka@maskedandanonymous.info> wrote in message

news:uxAiWXxvHHA.4384@TK2MSFTNGP02.phx.gbl...

> MICHAEL wrote:

>>

>> * Alias:

>>> MICHAEL wrote:

>>>> * Alias:

>>>>> Back to the present. Use Ubuntu and never worry about a virus, root

>>>>> kit or any other

>>>>> malware. http://www.ubuntu.com/

>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php

>>>> Linux RootKits For Beginners - From Prevention to Removal

>>>>

>>>> One day while reading a mail list for the Linux Users Group in my

>>>> hometown I discovered a call

>>>> for help. It was a posting from a novice Linux user with a disturbing

>>>> issue. While doing some

>>>> routine checks on a Linux system, he found a user that had been added

>>>> to the system with the

>>>> user id of 0 (root). His first thought was that it might be a rootkit.

>>>> He wanted to know what

>>>> he could do to verify it was a rootkit and how to remove it from the

>>>> system. He further asked

>>>> for suggestions on preventative measures to ensure this kind of attack

>>>> does not reoccur. That

>>>> situation prompted me to write this paper to an understanding of

>>>> rootkits and its effects. This

>>>> paper will also discuss how to monitor for a rootkit, and the steps

>>>> that need to be taken to

>>>> remove one.

>>>>

>>> I never said that a firewall wasn't necessary. Ubuntu comes with one

>>> built-in. I would also recommend a router hard firewall.

>>

>> "Use Ubuntu and never worry about a virus, root kit

>> or any other malware." -Alias

>>

>> You said "never", you were wrong.

>>

>> "Absolute truth" is for absolute fools.

>>

>>

>> -Michael

>

> Is there an echo in here? If one has Ubuntu that comes with a firewall and

> a router with a firewall how, pray tell, will anyone install a root kit?

>

> Alias

 

--

 

 

Mike Hall

MS MVP Windows Shell/User

http://msmvps.com/blogs/mikehall/

Frank wrote:

> Alias wrote:

>

>> Frank wrote:

>>

>>> Alias wrote:

>>>

>>>

>>>>

>>>> Got proof? Didn't think so.

>>>>

>>>

>>> ----------------------------------

>>> Got proof it is? Didn't think so?

>>> You're pathetic!

>>> Frank

>>

>>

>> Um, insults and a lack of reading comprehension on your part do not

>> qualify as proof.

>>

>> Alias

> --------------------------

>

> How stupid can one person be? hahaha...no need to ask. Hey butt munch,

> prove your statement or STFU!

> Frank

 

Um, insults and a lack of reading comprehension on your part do not

qualify as proof.

 

Alias

Frank wrote:

> Alias wrote:

>

>> Kerry Brown wrote:

>>

>>> "Alias" <aka@maskedandanonymous.info> wrote in message

>>> news:u9nl1pvvHHA.3588@TK2MSFTNGP06.phx.gbl...

>>>

>>>>

>>>> Back to the present. Use Ubuntu and never worry about a virus, root

>>>> kit or any other malware. http://www.ubuntu.com/

>>>>

>>>> Alias

>>>

>>>

>>>

>>> Where do you think the term "root kit" came from? Is there a root

>>> user in Windows?

>>>

>>

>> Hence the need for a firewall which Ubuntu provides. Oops.

>>

>> Alias

>

> Oops...Oops...Oops...could you possibly shove your feet any further down

> your throat?

 

Um, I never said a firewall wasn't necessary and thinking about it isn't

either being as it comes bundled with Ubuntu.

> Try harder!

> Oops!

> You're a real side show freak.

> Frank

 

Word has it that you're a pedophile.

 

Alias

Mike Hall - MVP wrote:

> Because the user gives it permission, albeit unwittingly? How do you

> think systems get infected?

 

There are many ways that Windows boxes get infected.

>

> Re proof, two of us have provided reading material from Linux sources..

> can you not read and comprehend them?

 

Yeah, but no one case was cited.

 

Alias, still waiting for proof, not theories.

>

>

> "Alias" <aka@maskedandanonymous.info> wrote in message

> news:uxAiWXxvHHA.4384@TK2MSFTNGP02.phx.gbl...

>> MICHAEL wrote:

>>>

>>> * Alias:

>>>> MICHAEL wrote:

>>>>> * Alias:

>>>>>> Back to the present. Use Ubuntu and never worry about a virus,

>>>>>> root kit or any other

>>>>>> malware. http://www.ubuntu.com/

>>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php

>>>>> Linux RootKits For Beginners - From Prevention to Removal

>>>>>

>>>>> One day while reading a mail list for the Linux Users Group in my

>>>>> hometown I discovered a call

>>>>> for help. It was a posting from a novice Linux user with a

>>>>> disturbing issue. While doing some

>>>>> routine checks on a Linux system, he found a user that had been

>>>>> added to the system with the

>>>>> user id of 0 (root). His first thought was that it might be a

>>>>> rootkit. He wanted to know what

>>>>> he could do to verify it was a rootkit and how to remove it from

>>>>> the system. He further asked

>>>>> for suggestions on preventative measures to ensure this kind of

>>>>> attack does not reoccur. That

>>>>> situation prompted me to write this paper to an understanding of

>>>>> rootkits and its effects. This

>>>>> paper will also discuss how to monitor for a rootkit, and the steps

>>>>> that need to be taken to

>>>>> remove one.

>>>>>

>>>> I never said that a firewall wasn't necessary. Ubuntu comes with one

>>>> built-in. I would also recommend a router hard firewall.

>>>

>>> "Use Ubuntu and never worry about a virus, root kit

>>> or any other malware." -Alias

>>>

>>> You said "never", you were wrong.

>>>

>>> "Absolute truth" is for absolute fools.

>>>

>>>

>>> -Michael

>>

>> Is there an echo in here? If one has Ubuntu that comes with a firewall

>> and a router with a firewall how, pray tell, will anyone install a

>> root kit?

>>

>> Alias

>

* Alias:

> MICHAEL wrote:

>> * Alias:

>>> MICHAEL wrote:

>>>> * Alias:

>>>>> Back to the present. Use Ubuntu and never worry about a virus, root kit or any other

>>>>> malware. http://www.ubuntu.com/

>>>> http://www.sans.org/reading_room/whitepapers/linux/901.php Linux RootKits For

>>>> Beginners - From Prevention to Removal

>>>>

>>>> One day while reading a mail list for the Linux Users Group in my hometown I

>>>> discovered a call for help. It was a posting from a novice Linux user with a

>>>> disturbing issue. While doing some routine checks on a Linux system, he found a user

>>>> that had been added to the system with the user id of 0 (root). His first thought was

>>>> that it might be a rootkit. He wanted to know what he could do to verify it was a

>>>> rootkit and how to remove it from the system. He further asked for suggestions on

>>>> preventative measures to ensure this kind of attack does not reoccur. That situation

>>>> prompted me to write this paper to an understanding of rootkits and its effects. This

>>>> paper will also discuss how to monitor for a rootkit, and the steps that need to be

>>>> taken to remove one.

>>>>

>>> I never said that a firewall wasn't necessary. Ubuntu comes with one built-in. I would

>>> also recommend a router hard firewall.

>> "Use Ubuntu and never worry about a virus, root kit or any other malware." -Alias

>>

>> You said "never", you were wrong.

>>

>> "Absolute truth" is for absolute fools.

>>

>>

>> -Michael

>

> Is there an echo in here?

 

Only the echoes of your foolish nonsense.

> If one has Ubuntu that comes with a firewall

 

So does Vista.

> and a router with a firewall how, pray tell, will anyone install a root kit?

 

You never stated that in your original reply.

 

"Use Ubuntu and never worry about a virus, root kit

or any other malware." -Alias

 

I see no mention of using additional security measures.

 

Now you bring up the "ifs". If a Windows user properly

secures their machine, they will not suffer from rootkits, either.

 

Amazing that there are programs for Linux rootkit removal

when there are no Linux machines getting infected.

 

Amazing such warnings, as the below, exist if no Linux users were being

infected.

 

http://www.juniper.net/security/auto/vulnerabilities/vuln734.html

Severity: HIGH

Description:

The Satori Linux Rootkit is a collection of publicly available Trojan utilities that target

Linux systems. It is also known as Linux Rootkit 4 and is distributed by The Crackers Layer.

Based on the original Rootkit Trojan utilities, Satori provides similar functionality: it

replaces system utilities with backdoor versions that allow attackers to steal system

information, monitor activities, spawn root shells, and take control of a target machine.

 

Satori is either installed by other Trojans or worms, or by attackers exploiting other system

vulnerabilities. An attacker may also be able to trick users into installing Satori onto their

systems.

 

Affected Products:

Linux Kernel Many

--------------------------------------

 

Amazing that there's another Linux Rootkit detector,

RKProfiler LX, if there are no Linux rootkit infections.

These people/programmers/companies must just like

to waste their time coming up with these useless products.

 

http://weblog.infoworld.com/securityadviser/archives/2007/02/new_linux_rootk.html

New Linux rootkit detector.

RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler

Module" (RKPmod) and a data interpretation component called "Rootkit Profiler Console"

(RKPconsole).

 

RKPmod is a kernel module that gets loaded on the system that should be checked for the

presence of a kernel rootkit. There are other ways to perform data collection, but currently

only this approach is publicly available.

 

http://www.trapkit.de/research/rkprofiler/rkplx/rkplx.html

RKProfiler LX currently supports the following Linux Distributions:

 

- SUSE Linux Enterprise Server 10 (x86, 32-bit)

- SUSE Linux Enterprise Desktop 10 (x86, 32-bit)

- Ubuntu 7.04 (x86, 32-bit)

- openSUSE 10.2 (x86, 32-bit)

 

 

Amazing how foolish you really are.

 

Carry on.

 

 

-Michael
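
Several of the pages quoted in this thread (the swapped passwd scenario, Linux Rootkit II, Satori) describe rootkits that replace system utilities with backdoored versions. As an added example that is not part of any post above, here is a baseline-and-verify integrity check in Python; the function names, file names and file contents are constructed stand-ins, not real binaries or any tool mentioned in the thread.

```python
import hashlib
import os
import stat
import tempfile


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def snapshot(paths):
    """Record content hash, permission bits and owner for each monitored file.

    Take the snapshot while the system is known to be clean, and keep it
    somewhere the monitored host cannot modify (read-only or offline media).
    """
    baseline = {}
    for path in paths:
        st = os.stat(path)
        baseline[path] = {
            "sha256": sha256_file(path),
            "mode": stat.S_IMODE(st.st_mode),  # includes setuid/setgid bits
            "uid": st.st_uid,
        }
    return baseline


def verify(baseline):
    """Compare the current state of each file with the baseline.

    Returns a list of (path, reason) findings; an empty list means no drift.
    A kernel-level rootkit can falsify what a process on the live system
    reads, so a trustworthy run uses clean boot media, not the suspect host.
    """
    findings = []
    for path in sorted(baseline):
        want = baseline[path]
        try:
            st = os.stat(path)
        except FileNotFoundError:
            findings.append((path, "missing"))
            continue
        if sha256_file(path) != want["sha256"]:
            findings.append((path, "content changed"))
        mode = stat.S_IMODE(st.st_mode)
        if mode != want["mode"]:
            findings.append((path, "mode %o -> %o" % (want["mode"], mode)))
        if st.st_uid != want["uid"]:
            findings.append((path, "owner %d -> %d" % (want["uid"], st.st_uid)))
    return findings


def demo():
    """Constructed scenario: three stand-in 'utilities' in a temp directory."""
    with tempfile.TemporaryDirectory() as root:
        files = {
            "passwd": b"REAL-PASSWD-BINARY",
            "ls": b"REAL-LS",
            "ps": b"REAL-PS",
        }
        paths = {}
        for name, body in files.items():
            paths[name] = os.path.join(root, name)
            with open(paths[name], "wb") as handle:
                handle.write(body)
            os.chmod(paths[name], 0o755)

        baseline = snapshot(paths.values())

        # Swap 'passwd' for a look-alike of identical size: a name or size
        # check would pass, the content hash does not.
        with open(paths["passwd"], "wb") as handle:
            handle.write(b"FAKE-PASSWD-BINARY")
        # Add a setuid bit to 'ls' without touching its content.
        os.chmod(paths["ls"], 0o4755)
        # Delete 'ps' outright.
        os.remove(paths["ps"])

        return [(os.path.basename(p), why) for p, why in verify(baseline)]


if __name__ == "__main__":
    for name, reason in demo():
        print(name, reason)
```
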
