Date: Sat, 24 Nov 2018 18:33:10 +0000 From: Steve O'Hara-Smith <steve@sohara.org> To: freebsd-questions@freebsd.org Subject: Re: New Virus that targets *.nix Message-ID: <20181124183310.4fe909176af298ba30d91b3a@sohara.org> In-Reply-To: <20181124175844.6115411.91608.68576@shaw.ca> References: <DM5PR20MB210207A5208820C5F435CC1580D50@DM5PR20MB2102.namprd20.prod.outlook.com> <20181124175844.6115411.91608.68576@shaw.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 24 Nov 2018 10:58:44 -0700 (MST) Dale Scott <dalescott@shaw.ca> wrote: > I don't know about everyone else, but considering my general lack of > success running Linux shell scripts in general on FBSD, I don't think > I'll panic just yet. ;-) If it's well written (and it sounds like it may well be) then it has a good chance of being very portable indeed. If so then the only real defense is to try and keep it outside the circle of trust and to remove all keys not secured by passphrase, switch to two factor authentication or do something that frustrates credential stealing to contain it if it does get in. It reads like the Morris worm on steroids, it has the potential to go through insufficienty secure big server farms like a dose of salts. For now I'm hoping that not having any credentials on anything reachable from outside is good for containment provided I don't let it loose from email or a download which would be stupid. There are no email or download clients here that will run an executable attachment of any kind, I'd have to save it, chmod it and run it - nah not doing that. -- Steve O'Hara-Smith <steve@sohara.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181124183310.4fe909176af298ba30d91b3a>