LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 09-18-2011, 01:28 AM   #1
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Rep: Reputation: 62
Linux viruses/malware?


I just wondered if it's still true that there are few or no proven Linux viruses known to exist. When I checked a couple of years ago, the information I found seemed to indicate that there are either very few or none at all (in the wild).
 
Old 09-18-2011, 01:55 AM   #2
Thor_2.0
Senior Member
 
Registered: Nov 2007
Location: Somewhere on my hard drive...
Distribution: Manjaro
Posts: 2,192
Blog Entries: 23

Rep: Reputation: 278Reputation: 278Reputation: 278
Hi,

This theory still holds water: a virus can, if at all able to infect, merely exist in RAM. Infection on disk is not likely with a virus...

Thor

Last edited by Thor_2.0; 09-18-2011 at 01:57 AM.
 
Old 09-18-2011, 02:38 AM   #3
cascade9
Senior Member
 
Registered: Mar 2011
Location: Brisneyland
Distribution: Debian, aptosid
Posts: 3,718

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
The wikipedia page on linux malware is worth looking at. Lots of refered links, etc..

http://en.wikipedia.org/wiki/Linux_malware
 
Old 09-18-2011, 03:45 AM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
They do exist, but if you manage your system well, you will very likely not be affected by them. No, I'm not saying that you must run anti-virus, as I rarely run it. I'm saying that you should abide by the security standards, and do things like run as root, use Ubuntu, etc.
 
Old 09-18-2011, 10:39 AM   #5
wpeckham
Member
 
Registered: Apr 2010
Location: USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix
Posts: 751

Rep: Reputation: 170Reputation: 170
Virus

Viri are rare in the linux world, but there are worse things. I have had client machines hacked and a range of rootkits and worms or trojans installed. I suggest running clam antivirus and rootkithunter daily, and getting familiar with the resulting reports. I also have logwatch mail me a summary, and read it daily.

If you can totally recover the machine in a couple of hours by reinstalling (my laptop, for example), then it is not worth this degree of attention. I do and recommend this only for the critical servers.

Anyone who claims that threats do not exist for the platform, has either never been hit by one, or was and blamed the results on hardware failure or operator error. They DO exist, they ARE bad, but you ARE safer with Linux than with anything from Microsoft since MS-DOS 6.0!
 
Old 09-18-2011, 11:06 AM   #6
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Original Poster
Rep: Reputation: 62
Quote:
Originally Posted by wpeckham View Post
Viri are rare in the linux world, but there are worse things. I have had client machines hacked and a range of rootkits and worms or trojans installed. I suggest running clam antivirus and rootkithunter daily, and getting familiar with the resulting reports. I also have logwatch mail me a summary, and read it daily.

If you can totally recover the machine in a couple of hours by reinstalling (my laptop, for example), then it is not worth this degree of attention. I do and recommend this only for the critical servers.

Anyone who claims that threats do not exist for the platform, has either never been hit by one, or was and blamed the results on hardware failure or operator error. They DO exist, they ARE bad, but you ARE safer with Linux than with anything from Microsoft since MS-DOS 6.0!
I understand, but why do you cite DOS 6.0 as a milestone?
 
Old 09-18-2011, 02:08 PM   #7
SigTerm
Member
 
Registered: Dec 2009
Distribution: Slackware 12.2
Posts: 379

Rep: Reputation: 233Reputation: 233Reputation: 233
Quote:
Originally Posted by Thor_2.0 View Post
Hi,

This theory still holds water: a virus can, if at all able to infect, merely exist in RAM. Infection on disk is not likely with a virus...

Thor
Incorrect. A malware, if launched, can wipe out entire user's home dir on linux system. If home dir contains anything that is automatically started (~/.kde/Autostart and bashrc come to mind), it can write malicious code there, and install background process. Malware is unlikely to propagate and gain root privileges, but it is still possible to wreak havoc within one user account, encrypt your files for ransom, etc. If home dir contains executables (games) they can be (in theory) infected. Also wpeckham was correct to mention rootkits.

Quote:
Originally Posted by wpeckham View Post
Anyone who claims that threats do not exist for the platform, has either never been hit by one, or was and blamed the results on hardware failure or operator error. They DO exist, they ARE bad, but you ARE safer with Linux than with anything from Microsoft since MS-DOS 6.0!
Ahem... using words "MS-DOS" and "virus safety" together is a bad idea.
MS-DOS had virtually no security - no multi user system, no access rights, it were running in real mode by default, and entire ram is visible for program. A heaven for virus writers.

Last edited by SigTerm; 09-18-2011 at 02:14 PM.
 
Old 09-18-2011, 02:26 PM   #8
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with Slackware 14.
Posts: 2,600

Rep: Reputation: 535Reputation: 535Reputation: 535Reputation: 535Reputation: 535Reputation: 535
Yes there are virus, malwares etc but careful use of your computer is usually all that is required to keep it safe. I am not saying 100% you can't get hit but it is not a common thing.

Quote:
Originally Posted by SigTerm View Post
Ahem... using words "MS-DOS" and "virus safety" together is a bad idea.
MS-DOS had virtually no security - no multi user system, no access rights, it were running in real mode by default, and entire ram is visible for program. A heaven for virus writers.
But considering very few, if any, people use MS-DOS 6 (the one wpeckham mentioned) for anything that can even get close to the internet it is most probably quite safe compared to modern Windows systems.

Last edited by k3lt01; 09-18-2011 at 02:28 PM.
 
Old 09-18-2011, 02:27 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,019
Blog Entries: 54

Rep: Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766
Quote:
Originally Posted by wpeckham View Post
Viri are rare in the linux world, but there are worse things.
Exactly. This should be the overarching thought.
*BTW it's "viruses": "viri" is the plural of "vir" (man).
 
Old 09-19-2011, 03:59 AM   #10
cascade9
Senior Member
 
Registered: Mar 2011
Location: Brisneyland
Distribution: Debian, aptosid
Posts: 3,718

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
Quote:
Originally Posted by unSpawn View Post
*BTW it's "viruses": "viri" is the plural of "vir" (man).
+1.

http://linuxmafia.com/~rick/faq/plural-of-virus.html
 
Old 09-19-2011, 04:40 AM   #11
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
Good reading:
http://www.happyassassin.net/2009/01...inux-security/
http://www.geekzone.co.nz/foobar/6229

Yves.
 
Old 09-19-2011, 12:11 PM   #12
newbiesforever
Senior Member
 
Registered: Apr 2006
Location: Glendale, AZ
Distribution: Distro-homeless. Lost.
Posts: 1,868

Original Poster
Rep: Reputation: 62
Quote:
Originally Posted by unSpawn View Post
Exactly. This should be the overarching thought.
*BTW it's "viruses": "viri" is the plural of "vir" (man).
"Here are your Christmas boni." --Mr. Burns
 
Old 09-19-2011, 12:59 PM   #13
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,019
Blog Entries: 54

Rep: Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766Reputation: 2766
Lol
 
Old 09-19-2011, 01:10 PM   #14
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,079

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
Quote:
Originally Posted by k3lt01 View Post

But considering very few, if any, people use MS-DOS 6 (the one wpeckham mentioned) for anything that can even get close to the internet it is most probably quite safe compared to modern Windows systems.
true, but back then there was always the danger of picking up a floppy that was infected (step back a few years and you'd realize that floppies, or copies of those floppies, were changing hands quite a bit in those days and an infected floppy was in fact a real threat) not to mention there were dial-up BBS services that could have been repositories of infected material, yes fewer people used BBSes than they do the internet today, but there were fewer people who had computers back then as well.

as for viruses for Linux? yeah they exist, but it takes less effort on the part of a Linux administrator to avoid them, since Linux, unlike windows is designed from the ground up to provide a least privilege security model that mitigates the threat to some extent.

if i recall correctly the only platform with no known viruses is the AS-400 (the operative word here being KNOWN viruses)

Last edited by frieza; 09-19-2011 at 01:19 PM.
 
Old 09-20-2011, 07:12 AM   #15
theYinYeti
Senior Member
 
Registered: Jul 2004
Location: France
Distribution: Arch Linux
Posts: 1,897

Rep: Reputation: 61
Sure.
Thanks to Linux security, if a malware of any sort comes to your account, the worst it can do is delete files under your own name, such as all your personal data, years of mail exchanges, years of family photographs. No big deal.
Thankfully, the OS is safe! Else you’d have to loose 20 minutes reinstalling from USB or DVD, which would be a shame…
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: On Bugs, Viruses, Malware and Linux LXer Syndicated Linux News 0 08-11-2009 06:00 AM
[SOLVED] May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 22 08-17-2008 01:05 PM
May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 1 06-12-2008 05:10 AM
Linux malware on the go TigerOC Linux - Networking 3 11-07-2004 02:31 AM


All times are GMT -5. The time now is 05:49 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration