Linux Today: Linux News On Internet Time.

Security Portal: Top Ramen - Noodles for Script Kiddies

Jan 22, 2001, 23:07 (1 Talkback[s])
(Other stories by Ken Dunham)

"Script kiddies, common Internet vandals, have attacked the Red Hat Linux community with a new malware threat this week, the Ramen worm. Ramen exploits several well-known vulnerabilities on Linux servers using default installations of Red Hat's Linux 6.2 and 7.0. Upon infection, Ramen modifies and deletes several files, displays a visual payload, disables anonymous FTP, and scans random class B subnets for vulnerable hosts to infect them."

"Ramen gets its name from a visual payload that appears on the screen of infected Web servers. Once a Web server is infected the main page displays a message: "Hackers looooooooooooove noodles," signed by "RameN Crew," with a picture of "Top Ramen" noodles at the bottom of the screen...."

"The Ramen worm is similar to the Morris Internet worm of 1989. Morris, whose father was a Unix expert and head of the National Security Council at the time, reportedly created the Internet worm to expose Unix vulnerabilities largely ignored by the Internet community. In this same way, users of Red Hat Linux today are at risk if they too have ignored important updates and patches to best secure Linux servers."

Complete Story

Related Stories: