Hewlett-Packard Makes the Switch from Linux to Windows NT Due to Virus Danger

25 Jan 2001
Virus News

Kaspersky Anti-virus repels all infections!

As reported by the Japanese information agency Nikkei Business Publications (NBP) (http://www.nikkeibp.asiabiztech.com/wcs/leaf?CID=onair/asabt/news/121743), during the period of December 17-19, 2000, nearly 1,500 users downloaded programs from Hewlett-Packard (HP) that had been infected by the Windows virus FunLove.

The virus, which was first detected in November 1999, in all accounts appears to have ended up on the HP corporate site from an Australian affiliate of the company involved in program development. In order to avoid a repeat of this incident, HP has made the decision to switch the Australian servers from the Linux operating system to Windows NT Server. According to an HP company representative, the reason for this switch is the inability to implement an effective anti-virus that checks server contents due to the fact that there currently exists no anti-virus for Linux that automatically scans all used files in real time. As reported, the lack of appropriate virus protection is the reason for the FunLove virus penetrating the HP Web site.

It is needless to say that this incident would not have happened if HP had been using an anti-virus monitor, which is a part of Kaspersky Anti-Virus for Linux. The monitor allows for the interception of all file operations in real-time (writing, opening and initialization of files) and automatically performs a virus check of files being used. In addition to the monitor, Kaspersky Anti-Virus for Linux also includes an anti-virus scanner for checking files on-demand, anti-virus daemon (scanner with an optimized procedure for loading into memory), updating system for automatically downloading and enabling of the daily anti-virus database updates via the Internet, and a friendly interactive user interface for configuring the program. The server version of Kaspersky Anti-Virus for Linux also includes a ready-made solution for integrating a centralized virus scanning for incoming and outgoing e-mail correspondence for Sendmail and Qmail gateways.

"Kaspersky Lab was the first to develop a comprehensive, integrated virus defense system for Linux at the beginning of 1999. Today, this is the most advanced and reliable anti-virus solution for Linux as confirmed by the many years of successful application use by enterprises from all around the world. Kaspersky Anti-Virus for Linux enables users to integrate an unbeatable protection against all types all computer malware into corporate networks of any size and complexity," said Natalya Kaspersky, Kaspersky Lab CEO.

The NBP news states that FunLove is a rather harmless Windows computer. It only increases the size of the Windows 95/98/NT 4.0 files when infecting them. At the same time, HP officials said nothing about the other payload this virus carries that is much more dangerous than just increasing file size. FunLove modifies the Windows kernel and disables the checking of the passwords entered by a user. As a result, any password submitted by a user is identified by the infected system as correct, thus allowing anyone to gain access to the computer's restricted areas. In addition, the virus disables the system's user's access rights limitations so that any user, even if he or she doesn't have root privileges, can gain full access to all of the system resources. In order to neutralize the operating system's response to any modifications in a Windows kernel (by default, Windows NT automatically restores the kernel in case it has been modified), FunLove also disables the Windows built-in integrity control system.

More detailed technical information about the FunLove virus can be found in Kaspersky Virus Encyclopedia.

Kaspersky Anti-Virus for Linux (as well as other versions of the program) can be purchased in Kaspersky Lab online store or from your nearest Kaspersky Anti-Virus distributor.