All the latest UK technology news, reviews and analysis
|
|
|
15 Mar 2002
Following on from this week's discovery of the Jac Linux virus, an open source hacker from the University of Linz, Austria, has released a definitive guide to writing Linux viruses.
The Jac virus was discovered on Tuesday and quickly dismissed by the Linux community for its inability to spread effectively - a common occurrence in Linux viruses.
Further reading
But yesterday, Alexander Bartolich released "the Linux virus writing howto".
"This document describes how to write parasitic file viruses infecting ELF executables on Linux/i386. Though it contains a lot of source code, no actual virus is included," reads the abstract for the site.
Bartolich said that "an astonishing number of people think that viruses require secret black magic."
This may not be entirely the case, but "writing a program that inserts code into another program file is one thing. Writing that program so that it can be inserted itself is a very different art."
In his White Paper, Bartolich shows code and techniques for constructing ELF (Executable and Linking Format) infecting code, which he claims is not a "Construction Kit for Dummies".
"Since regular users can't overwrite system files (we are talking about serious operating systems here) that is not even half the journey," he said.
"To make any impact you need root permissions. Either by tricking the super user to run your virus, or combining it with a root-exploit. And since all popular distributions come with checksum mechanisms, a single command can detect any modification. Unless you implement kernel-level stealth functionality."
Bartolich then goes on to describe and demonstrate how to build said virus. "You may have heard that Linux is a difficult target for malware because there are so many different distributions," he said.
"Well, basically they all use the same compiler, producing the same idiosyncrasies. This allows us to cheat in big style," he said.
Although Bartolich identifies techniques and tools for Linux virus writing, the task itself is considerable. Bartolich acknowledges that he wrote the document to combat FUD (fear, uncertainty, doubt) and not to give script kiddies a leg up.
The full White Paper can be found here.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
A leading global provider of critical information to...
Playstations and table football in the kitchen? Standard...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?