viruses in linux?
 

Hi all,

What's the official word on viruses with linux? I heard somewhere that it's a good idea to install something called guard dog? I also heard not to worry about it. What do all of you suggest along those lines?

thanks in advance!

GuardDog is simply a frontend for the Linux-integrated firewall iptables.
As for virii, take a look here.

The last reported linux virus was:

W32.Peelf.2132
Discovered on: March 27, 2001

Reported by Symantec
http://securityresponse.symantec.com...eelf.2132.html

With a well set firewall (iptables front ends, mostly) and common sense, there is presently no reason to have a virus scanner on a Linux system unless it is acting as conduit for Windoze-based systems (e-mail or file server).

You are more at risk for someone trying to hack root on your system than you are getting a virus. By the way, "virus" is not Latin (anymore), so "viruses" is the plural, not "virii."

I have read that there are are not any Linux viruses actively circulating out in the wild even though 7 Linux proof of concept viruses were created many years ago. Very few Linux desktop users bother using anti-virus software. Many Linux mail servers do use anti-virus software to scan the mail that is being sent to their more vulnerable Windows clients. There are about half a dozen different Linux anti-virus products available. I use the free Clam AntiVirus scanner on my home computer. When I need to download the latest virus signatures I use the freshclam command. I also use the firewall that comes with Linux. Information about Clam AntiVirus can be found here:

http://clamav.net/

I use the Codeweavers CrossOver Office product to run several Windows programs under their slightly modified version of Wine. I use Word 2000, Excel 2000 and Adobe Photoshope 7.0 which are all Windows programs under Linux and have wondered if that might make my computer vulnerable. Below is a link to an article where someone tried to run several viruses and worms under wine. None proved to be very Linux compatible. He was probably using the ordinary version of Wine not CrossOver Office or one of the other commercial (not free) variations, not that it should make any difference. I wonder what would have happend if the viruses had been specifically designed to target that small group of Linux users who use Wine to run Windows programs? Here is his article:

http://os.newsforge.com/article.pl?s...30222&from=rss

I have also wondered about spyware. I have never heard of Linux computers having spyware problems but have never heard anyone say for sure? The majority of Windows home computers now have adverstising related spyware on them so for Windows users, anti-spyware products such as Ad-Aware and Spybot have become popular. Are Linux computers immune to that problem?

Spyware / Adware cookies? Hell yes they exist. Just like Windows you'll get them while browsing (except that Mozilla can block the unwanted ones whereas IE just accepts them again).

Otherwise? Not really. I read an article that said the day was coming, but for now malicious software is rare.

After all, most Linux software is Open Source. You'd think that would make malicious intent known ahead of time.

Re: viruses in linux?
 

The only way viruses to get in to Linux is by old service versions of BIND, SAMBA, NFS, SSH, APACHE, X11, FTP, mySQL, and several others. If those services are run carefully and updated, they will not effect the whole entire system. You have to watch out for tojans and rootkits. Though every new stable kernel version that comes out makes it a little harder for hackers to run rootkits and tojans. Since Windows does not change as often as Linux, hackers put their efforts to Windows instead.

If there is vulnerability for Linux software, the patch will be writen in a few days instead of weeks or months like for Windows.

The WINE test is ok. If a windows virus is run in WINE, it will only effect the user's account and files that he or she has write access to. If WINE is setup carefully, it will only damage files that the symbolic links in ~/.wine/dosdevices points to.

Most spyware is for Windows. The other percentage (very low percentage) is for Mac. WINE can run spyware but it will not find a lot of information about you. If you installed Internet Explorer in WINE, you have spyware. You can buy some spyware titles that sends the information of the user to an e-mail account. If you see the e-mail that the spyware program has sended, then its working.

A lot of people asks me if I'm running an anti-virus program and what the name of it. I say I do not run any anti-virus programs, because I use Linux.