From owner-freebsd-questions@FreeBSD.ORG Thu Aug 7 08:06:17 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6894437B401 for ; Thu, 7 Aug 2003 08:06:16 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5CFE543F85 for ; Thu, 7 Aug 2003 08:06:14 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h77F60D0037084 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 7 Aug 2003 16:06:10 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h77F60jK037083; Thu, 7 Aug 2003 16:06:00 +0100 (BST) (envelope-from matthew) Date: Thu, 7 Aug 2003 16:06:00 +0100 From: Matthew Seaman To: Steven Lake Message-ID: <20030807150600.GC35771@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Steven Lake , freebsd-questions@freebsd.org References: <5.2.0.9.2.20030807105033.009d27c0@192.168.0.25> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+nBD6E3TurpgldQp" Content-Disposition: inline In-Reply-To: <5.2.0.9.2.20030807105033.009d27c0@192.168.0.25> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-8.5 required=5.0 tests=AWL,EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT autolearn=ham version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-questions@freebsd.org Subject: Re: Viruses on Freebsd? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Aug 2003 15:06:17 -0000 --+nBD6E3TurpgldQp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 07, 2003 at 10:52:21AM -0400, Steven Lake wrote: > Just curious if there were any actual viruses out in the wild that=20 > were written to run on a freebsd system. I know Windows has gobs of the= m,=20 > mac has a number, but most are dead and linux has had a few that quickly= =20 > fizzled. But I've never heard of any ever being written for Freebsd or a= ny=20 > of the bsd's. Were there any and if so how many? >=20 > Or is there a site I can go to that lists how many viruses have been=20 > written for each platform such as mac and windows and linux? About the only bit of Malware that had any noticable affect and that used FreeBSD as a vector was the Scalper worm: http://securityresponse.symantec.com/avcenter/venc/data/freebsd.scalper= =2Eworm.html Even so, it's impact was tiny, and an update to fix the server chunck encoding stack overflow vulnerability in apache was very quickly available. All of the AV vendors have online virus encylopaedias you can search, or SecurityFocus has a searchable database of vulnerabilities categorized by vendor at http://www.securityfocus.com/bid/vendor but in general FreeBSD is not an attractive target to the writers of such things, so very few active exploits exist. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --+nBD6E3TurpgldQp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/MmrYdtESqEQa7a0RAvBRAJ0ZTtZZDRm8l4VtF/Np48D3VyqbMwCfaqz9 qQv9legQ4pml6+oXLmgorqo= =hEMM -----END PGP SIGNATURE----- --+nBD6E3TurpgldQp--