mailing list archives
Re: and here are some answers [was: Quarantine your infected users spreading malware]
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 21 Feb 2006 14:33:57 +0200
Simon Waters wrote:
I've seen 95% quoted - certainly my experience if you go looking for malware
in recent Windows desktop machines using IE and Outlook it is pretty much a
certainty you'll find it. Most of these tools I was using didn't detect the
Sony Rootkit, or other malware, so this will always be an underestimate of
the true extent of the problem, unless one uses fingerprinting and packet
inspection as the tools of choice for malware detection.
This is very much a Windows only problem, it doesn't affect desktop users of
other systems at all, possibly in part because they lack critical mass, but
also because they have more sensible security models. Largely it is an
Outlook and IE problem.
Hi Simon, this is indeed a Windows problem due to Microsoft being a
mono-culture in our desktop world. Still, there are botnets constructed
from other OS's as well. Also, C&C servers are mostly *nix machines.
"Out of the box is where I live".
-- Cara "Starbuck" Thrace, Battlestar Galactica.