[unisog] AV for MACS

BACHAND, Dave (Info. Tech. Services) BachandD at easternct.edu
Mon Dec 6 18:03:15 GMT 2004


Don't recall which viruses anymore.  To be honest, the Wintel viruses
are so many that the MAC viruses get lost in the shuffle.  The point was
simply that the MAC OS is not invulnerable, and that to think it is is
just inviting a mass virus outbreak.

The web defacement was from someone using I think it was an old version
of Apache that hadn't been patched.  

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Julian Y. Koh
Sent: Monday, December 06, 2004 11:50 AM
To: UNIversity Security Operations Group
Subject: RE: [unisog] AV for MACS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 09:42 -0500 12/06/2004, BACHAND, Dave \(Info. Tech. Services\) wrote:
>I HAVE seen MAC viruses

Which ones, specifically?

>, and I HAVE seen MAC web
>servers defaced when they failed to keep their machines patched.

Were the servers compromised through an unpatched piece of software, or
just
via a weak username/password/configuration?  If the former, specifically
which ones?

There's a big difference.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html>

iQA/AwUBQbR/pg5UB5zJHgFjEQI3VgCeOlVg+y0c+ZZfGMMw+VFb5OBF+JoAoNb7
2cjTXDNt/MSjE9d1XMoxwMGG
=6RMf
-----END PGP SIGNATURE-----

-- 
Julian Y. Koh                         <mailto:kohster at northwestern.edu>
Network Engineer                                   <phone:847-467-5780>
Telecommunications and Network Services         Northwestern University
PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog



More information about the unisog mailing list