[ILUG] Porting MyDoom to Linux

[Conor_D_Wynne at Dell.com]

 wrote:
> On Tue, 3 Feb 2004 09:34:47 -0800
> Rick Moen <rick at linuxmafia.com> wrote:
> 
>> Quoting Chris Higgins (chris.higgins at darach.ie):
>>>> * Convince the victim to unpack and execute binary mail
>>>> attachments
>>> 
 
> What do _you_ do with attached .ps .pdf .jpg .gif files in your
> MUA ? You probably hand the binary file information off to an
> application which processes it and displays it. What is the
> fundamental difference between that, and 'executing' a binary. (
> Other than the fact that 'executing' a binary requires a 'chmod +x' ).
> 
> So 'view'/'execute' are the same thing - (if you want to split hairs,
> and I'm in a hair-splitting mood at the moment).
> 
> To answer your question then, "do I mean view OR execute". My
> answer is "Yes" :-)

Well, all the attachments I get I do a "file" on them to be sure I know what
they are. A recent one was document.pif [SobigF AFAIR], which I kindly
thanked my insurance company for sending me, and promptly sent it back
advising them to update their antiv. db.

Also, windows, ALL versions with the possible exception of windows2003 [but
that a server OS] give full "root" access to the default user, this does not
happen in nix. If you have su access, then your the administrator and
therefore your should know better.

But my point is, windows give root to al by default, nix does not. An
up2date windows box and linux box are compared, virus run on both boxes, all
windows "home directories" are likely affected, including admins, on nix,
only the silly user is affected, all other users are not.