That having been said, I want to restate what I said, which is a non-i386 machine that runs the old BIND is vulnerable to something nasty happening. However, this particular worm uses the 't0rn' rootkit. This particular rootkit makes use of i386 binaries. This means that you must meet two qualities to be susceptible to this worm: run BIND < 9.0 and be on i386. BIND exploits are universal because the software is running.
update: probably you would also have to be running a redhat based distro or have your syslogd and other files in the standard places (such as logs and binaries), as well as not firewalling ports youre not using. this kind of worm makes people running the default install very very easy targets. you cant hurt what you cant see...
The same applies to java. It just isnt applicable if the platform in question doesnt have a jre (or is the term jvm? ive lost track of all the javalingua).
Let us not forget that the media is hype-centric. They would like to tell us that there is a security exploit in the sky and that soon it will be falling on all of us. all of us. In truth this is an overstatement, but the details get omitted as they are largely not relevant to many people (such as those who promptly told me in the CB that nobody they know uses linux on non-i386).
deprecated removes the dead horse from everyone's sight to prevent further beatings...
brother dep.
proud supporter of unix on PowerPC
--
Laziness, Impatience, Hubris, and Generosity.
In reply to Re: Re: Re: BIND exploit
by deprecated
in thread WORM: Warning to all LINUX/PERL monks
by scottstef
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |