Trojan Horses - KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER Administrator's Manual

Hide thumbs Also See for ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER:

Administrator's manual (224 pages)

User manual (64 pages)

User manual (123 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

page of 145

/ 145
Contents
Table of Contents
Bookmarks

Table of Contents

Appendix B

ELF_SNOOPY – A virus that infects executable Unix files.

The virus operation algorithm: This finds all the executables on the

workstation, renames them changing their extension to .X23 and

places them into the directory /E it creates. Then the virus copies its

code into the original files and changes their attributes to 777. At

the same time a new user snoopy, also with the rights 777, is

created in the mail password list on the infected workstation.

Linux.Bliss – A group of nonresident viruses targeting Linux executables.

These viruses are written in GNU Ñ and have the ELF format.

The virus operation algorithm: After starting, the virus searches the

workstation for executable files and infects them, shifting the file

contents down, writing its own code in the cleared space, and

adding its ID line in the end of the file. The activity of the virus is

limited by the user rights, i.e. it only infects files that can be

accessed with the current user rights. If the user has system

privilege, the virus can spread throughout the computer.

Linux.Diesel – Not dangerous, non-resident Linux-virus that infects Linux

executable files.

The virus operation algorithm: Having started, the virus reads its binary

code from the carrier file, searches the system directories for Linux

executable files and writes its code in the middle of each file's code,

thus increasing the size of the last section.

Linux.Siilov – Not dangerous, Linux-virus that targets executable files. Has

the ELF format.

The virus operation algorithm: It uses two methods to infect files:

resident and nonresident. Resident method: the virus remains in

the system memory and infects files in the background mode. Non-

resident method: the virus searches the disk for executable files

and infects them.

Linux.Winter – A harmless, nonresident Linux-virus. It has a very small

size, as little as 351 bytes.

The virus operation algorithm: After starting, the virus gains control,

searches for ELF-files (Linux executable files) in the current

directory and infects them.

B.2. Trojan horses

A Trojan horse is a program that executes actions not authorized by the user.

When starting, a Trojan installs itself in the system and begins monitoring it. The

user is given no messages about the Trojan's actions in the system. The

computer becomes open to remote control.

Trojans are spread via networks.

128

Table of Contents

Need help?

Do you have a question about the ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER and is the answer not in the manual?

Trojan Horses - KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER Administrator's Manual

Need help?

Related Manuals for KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER

Related Content for KAPERSKY ANTI-VIRUS 5.0 - FOR LINUX FREEBSD-OPENBSD MAIL SERVER

Table of Contents