not enough to say you're just the messenger
Posted Apr 9, 2006 16:01 UTC (Sun) by copsewood
In reply to: big deal
Parent article: Crossplatform virus - the latest proof of concept
Yes and ClamAV. It's not enough for a platform just to prevent threats to itself directly, unless it's only a client/desktop/workstation. If a Linux/Unix installation is used as a mail server, file server or router to relay and replicate (e.g. as in list email) messages sent between less well secured systems, then those like myself who are responsible for these servers need to take steps to avoid these being a part of the malware transmission problem even if we are just the messenger and not the sender. In principle this is very much the same kind of issue as applies to those running open mail relays which are not originating spam, but which by relaying and replicating it are disguising the origins of it and making the problem worse for the recipients. If one of my Mailman email lists receives a virus and replicates it, this is part of my problem, even if the virus is incapable of executing on my Linux server.
The same argument also applies to those responsible for routers which are carrying impossible source network addresses within IP packets used to carry out DDOS attacks to disguise the zombies responsible.
to post comments)