wwp@yahoogroups.com:
Re: Mac Virus - 25 Oct 2004
Markus Altendorff 2004-Oct-25 22:13:00
Dave 360texas.com wrote:
>
> Mac Users suggest you read this immediately.
>
> "Sophos is warning Mac users about a malware ? refered to as both a
> virus and a worm by the company ? that can disable Mac OS X's built
> in firewall, steal personal information, and destroy data. "
>
> http://www.macworld.co.uk/news/index.cfm?NewsID=9974&Page=1&page...
>
> Dave (PC user but still looking out for others)
Thanks for the reminder, but (as is so common these days when it
comes to "Mac viruses") this thing is totally blown out of
proportion (guess Sophos wants to sell a few more packages of
"virus protection"). This "Renepo" software is what is in Unix
circles commonly called a "Root Kit" - i.e. if it's installed on
a computer, it hides its existence and allows for remote
monitoring and control of the machine with the permissions of a
system administrator.
Reality check: "Renepo" or "Opener", as it's real name is, does
NOT have any reproduction routine. It DOES NOT spread. And, like
most of the Unix tools, you've got to actually install it
YOURSELF. D'oh. Like "Apple Remote Desktop" for the hacker guys ;-)
OK, so: if you've allowed remote login on a machine AND you've
got a weak (i.e. easily guessable, short or common name)
password, then there IS a chance someone could hack into your
machine just by trying every possible combination. However, this
risk was there ever since you've hooked your Mac up to the
internet...
So, don't panic. But stay alert, and don't double-click just
about anything you downloaded off the internet - THE RENEPO IS
OUT THERE ;-)
-Markus