Re: Bliss Virus (fwd)

Jared Mauch (
Sat, 8 Feb 1997 12:12:49 -0500 (EST)

Can this discussion leave the linux-kernel list?

That's what linux-security and other security related lists are

Thanks. graced my mailbox with this long sought knowledge:
> In message <>, Seth Edward
> s writes on very interesting note:
> > The Bliss virus is currently a Linux binary-infecting virus.
> > Unfortunately, please do not feel your safe.
> OK, I won't feel my safe... :)
> > The author has stated that his code runs "fine" on Sun Solaris and SunOS,
> > as he used little Linux specific code. I don't know if the source code
> > for this is available, although I do know that it is being dis-assembled
> > as we speak.
> >
> > I might also add that I tested it on FreeBSD, running an infected Linux
> > binary via Linux emulation. This test proved that even the Linux strain
> > can infect FreeBSD machines with emulation.
> Sure, if through some miracle the system let it run in a ring 0
> environment.
> > packages). Also, consider using switching hubs and/or smart hubs in
> > "secure" mode. (there is usually a mode to scramble all packets not going
> > to the remote MAC address). I also recommend firewalls, and routine
> This won't help you since any leg with a machine on it cannot be
> scrambled. If it were, the machine(s) would not be able to see it...
> > backups/compares (WITH WRITE PROTECTED TAPES!). While you are at it, make
> > sure you are running new sendmail.
> Oh I see, this is a conspiracy! :)