Good afternoon,
Morning is gone, so I stay away from the Good Morning Ireland discussion
- worry not.
I was just wondering how difficult it would be to port MyDoom to Linux.
Sorry for imposing my thoughts..
Suppose there would be something like MyDoom 0.1-alpha on SourceForge. I
think, the TODO file could probably read like this:
* Convince the victim to unpack and execute binary mail attachments
* Find a means to scan for email addresses in the user's data
* Mass email to the addresses found
* Upon execution of the attached binary, install a backdoor server that
listens to certain ports,
some of which with low numbers. Must run as non-root. Should keep
listening after logoff. (xinetd?)
* Have this server accept connections from anywhere.
* Make all this possible wihout w/o requiring a previously installed
root kit. The program should
attack plain desktops where no servers are running.
* Do all this without write access to /etc. We are not root.
Perhaps after a few weeks of hard work and testing, an entry would be
added to CHANGELOG:
* Major rewrite of the code. Forced to switch to another OS.
Have a nice day (it rains here),
Frank
--
Did you know that if you play a Windows XP cd backwards, you
will hear the voice of Satan?
That's nothing! If you play it forward, it'll install Windows XP.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
