An average article about Worms and Viruses...

From: Chris Fazekas <linux_at_no.spam.please>
Date: Mon Sep 15 2003 - 23:34:02 CST

> > That's great! Although I think that if we migrate away from MS
> > products, people will just try that much harder to find security
> > problems in other software, and we will have a similar, yet less brutal,
> > situation.
>
> The problem, as I see it, is the fact we have a near homogenous network.
> If every machine is vulnerable to the same exploit, a carefully deployed
> exploit can take down every machine. It doesn't matter if the
> network is 100% Linux, 100% MacOS, or 100% Microsoft... the problem
> is too many of one OS. If we had a world of 16% MS, 16% Linux, 16%
> MacOS, 16% FreeBSD, 16% BeOS, and 20% OpenBSD, a single exploit
> could take down, at most, 16% of the network -- not the 80 or 90%
> situation we have now.
>
> I'm not looking for world domination by Linux. That would give us
> the same problem we have now, except I would be part of it rather
> than watching from the sidelines. We need a bigger variety of OSes.
>
> I am reminded of the great potato famine, of which I know very
> little. Apparently, nearly the entire potato crop of Ireland was
> wiped out by a virus. The first problem was the single strain of
> potato planted by everyone meant that a virus which that strain had
> no resistance to could wipe out nearly 100% of the year's crop. If
> there had been 4 strains, equally planted, a virus which attacked a
> particular strain would have left 75% of the year's crop. The
> second problem was the people's near 100% reliance on potatoes for
> food. They literally starved because they didn't have potatoes. If
> people had a more varied diet, they could have survived. It's
> really the same story in a different time.

I agree with most of your summary. A group of 16% share-holders will
obviously never happen. I also agree that either 100% of Windows, or 100% of
Linux, or 100% Mac will all lead to the same outcome no matter how you look
at it... the mass of Spams & Viruses will always be directed towards the
greater (market) percentage.

So, why is Microsoft targeted now? Mainly because it is the 'big gun', and
it has numerous ongoing security issues (sigh). So why aren't Mac or Linux
targeted more heavily? Well, they are not used in large by the 'common' user,
(common - being one who doesn't know how to update their O/S with security
patches*, run a virus scanner, nor firewall, or type with more than one
finger, toe, etc).

*Not that updating (Windows) helps these days, since downloading a Microsoft
patch actually gives you a Virus / Exploit?

And the solution is? In my humble opinion, a good start would be brute
strength Spam & Virus protection at the core of the entire email system, the
mail servers.

"Hackers of the world unite" -- Hackers.

Yes, many ISPs, hosting companies, etc, provide some sort of 'Spam & Virus
protection', but the mass of the viruses will not be overcome until everyone
adopts a common goal of 'death to Spam & Viruses', or 'Death to Spammers &
Malicious Coders'?

Server apps such as MailScanner, SpamAssassin, in conjunction with a Virus
scanner, etc, all help, but I believe that starting with a larger 'Spam &
Virus Cataloging' type system, such as 'Vipul's Razor'
[http://razor.sf.net/], (for example) would be the right direction to go.

"Vipul's Razor is a collaborative spam-tracking database, which works by
taking a signature of spam messages. Since spam typically operates by sending
an identical message to hundreds of people, Razor short-circuits this by
allowing the first person to receive a spam to add it to the database -- at
which point everyone else will automatically block it." -- spamassassin.org

This technique could be used in real time, on multiple Mail Servers, for Spam
& Virus Protection.

BTW, I know that 'spammers' use many different techniques to get us
our 'penis enlargement' and 'generic viagra' emails, like renaming text into
numbers, creating the 'Spam' as an image and embedding it into HTML code.

So what can I do to save the world? Not too much at the moment, but ramble
at length to you, my fellow man and/or woman.. and continue to set up my mail
server(s) to block as many Spams & Viruses as possible..

Cheers and good luck,

Chris "Zeke" Fazekas
‘Systems & Network Administrator’
chris@fazekas.net
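
Added example, not part of the original message and not Razor's own code: a minimal Python sketch of the shared-signature idea quoted above, run from the mail server's side, which also shows the limit the post mentions when text is rewritten with numbers. The SHA-256-over-normalized-text signature, the SharedSignatureDB class, the min_reporters threshold and the sample messages are assumptions constructed for illustration.

```python
import hashlib
import re


def normalize(body):
    """Lower-case and collapse punctuation/whitespace so trivial
    reformatting does not change the signature."""
    return re.sub(r"[^a-z0-9]+", " ", body.lower()).strip()


def signature(body):
    """Exact-match signature: SHA-256 of the normalized text (a stand-in,
    assumed here; real systems use their own signature schemes)."""
    return hashlib.sha256(normalize(body).encode("utf-8")).hexdigest()


class SharedSignatureDB:
    """In-memory stand-in for a database shared by many mail servers."""

    def __init__(self):
        self._reports = {}  # signature -> set of reporter names

    def report(self, reporter, body):
        """Record that `reporter` saw `body` as spam; returns the signature."""
        sig = signature(body)
        self._reports.setdefault(sig, set()).add(reporter)
        return sig

    def is_known_spam(self, body, min_reporters=1):
        """True if enough distinct reporters submitted this signature.
        A threshold above 1 limits damage from one bad or mistaken report."""
        return len(self._reports.get(signature(body), ())) >= min_reporters


def demo():
    """Constructed sample messages; hostnames use the reserved .invalid TLD."""
    db = SharedSignatureDB()
    original = "Buy GENERIC pills now!!!  Visit example.invalid"
    reformatted = "buy generic pills now - visit   example.invalid"
    substituted = "Buy GENER1C pills now!!!  Visit example.invalid"
    db.report("mx1.example.invalid", original)  # first recipient reports it
    return (
        db.is_known_spam(reformatted),      # same text, new layout: blocked
        db.is_known_spam(substituted),      # letter swapped for digit: missed
        db.is_known_spam(reformatted, min_reporters=2),  # one report only
    )


if __name__ == "__main__":
    print(demo())
```

The missed third-party variant is why an exact hash alone is not enough for a shared catalogue; content filters such as SpamAssassin score the message text as a second layer.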