PUNE: In a statement issued here, Red Hat India officials maintained that the
solution to the Lion worm virus was available on the Red Hat Web site since
January 2001. The Lion worm virus is known to be capable of changing network
settings, stealing passwords and eliminating some security measures making the
machines vulnerable to further attacks.
"There has been a flurry of discussions surrounding the Lion worm virus.
Though the bug is now getting notoriety, Red Hat has had the patches available
for its customers on the Red Hat Web site and through the Red Hat network since
January 2001," said Red Hat India director, Javed Tapia.
The Red Hat network provides customers with automated updates and patches.
Anyone connecting to the Internet on a constant basis can install patches issued
by the vendor.
The Lion worm virus uses security exploits in BIND–which were originally
discovered by computer researchers–and affect Red Hat Linux versions 5.x 6.x
and 7 running ISC BIND.
Lion is a new worm very similar to the Ramen worm. It infects Linux machines
with the BIND DNS server running. It is known to infect the BIND version. The
Lion worm was spread via an application called randb. Randb scans random class B
networks probing TCP prot 53. Once it hits a system, it then checks to see if
that system is vulnerable. If so, it then exploits the system using the name. It
then installs the torn rootkit.
Red Hat India is a joint venture between Red Hat Inc., and Clover
Technologies. 0Red Hat is largest open source company in the world with a market
share of 65 per cent.