LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

not enough to say you're just the messenger

not enough to say you're just the messenger

Posted Apr 9, 2006 16:01 UTC (Sun) by copsewood (subscriber, #199)
In reply to: big deal by cate
Parent article: Crossplatform virus - the latest proof of concept

Yes and ClamAV. It's not enough for a platform just to prevent threats to itself directly, unless it's only a client/desktop/workstation. If a Linux/Unix installation is used as a mail server, file server or router to relay and replicate (e.g. as in list email) messages sent between less well secured systems, then those like myself who are responsible for these servers need to take steps to avoid these being a part of the malware transmission problem even if we are just the messenger and not the sender. In principle this is very much the same kind of issue as applies to those running open mail relays which are not originating spam, but which by relaying and replicating it are disguising the origins of it and making the problem worse for the recipients. If one of my Mailman email lists receives a virus and replicates it, this is part of my problem, even if the virus is incapable of executing on my Linux server.

The same argument also applies to those responsible for routers which are carrying impossible source network addresses within IP packets used to carry out DDOS attacks to disguise the zombies responsible.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds