First page Back Continue Last page Overview Graphics
Linux Viruses and Such
Malware Timeline (cont'd)
May 6, 2002. Red Hat Software, Inc. started defaulting to enabling IP-filtering enabled, with its shipment of Red Hat 7.3.
Mar-May 2003. monkey.org and irssi.org sites compromised, leading to backdooring of dsniff, fragrouter, fragroute, and Irssi source tarballs. Detected seven days later, GnuPG signing of source releases commenced. 2,000 downloads.
Jan. 25, 2003. “SQL Slammer” worm, AKA Sapphire or Slapper, subverted an estimated quarter-million Windows boxes within about ten minutes. Saturated entire Internet in ½ hour.
Nov. 5, 2003: Attempt failed to plant a backdoor into the Linux kernel via a subtle addition, disguised as a two-line enhancement to the sys_wait4 function's error-checking in file exit.c. Change planted at a CVS-checkout site (kernel.bkbits.net) housing copy of the BitKeeper tree was caught by an automated integrity check.
Notes: