LinuxQuestions.org


indiantechnocrat 08-21-2008 04:25 PM

Why Linux doesn't get infected by viruses...

I'm a new user of Linux and want to know why it's not vulnerable to viruses, and if it is, then let me know whether there is any particular type of virus intended for Linux. I also want to know, as a computer engineering student, how Linux can be more productive for me than Windows. Whatever I do on Linux I can do on Windows, for example programming in C, Java and Python, so in which way will it be different in this regard?

trist007 08-21-2008 04:30 PM

Linux is free, Windows is not. Therefore, black hatters make most of their viruses for Windows to get back at the "greedy" corporations. However, there are still viruses and rootkits out there that threaten Linux users.

As for why Linux is better, well it's just way more versatile. You can do a lot more things and even have the option to create your own software without having to deal with all that proprietary stuff. I don't totally understand all the terms, but, that's what I'm feeling.

XavierP 08-21-2008 05:29 PM

This is a question which has been asked many times on the board. In short, Linux users do not tend to run as root/admin in their normal day to day roles. This means that any virus would not be able to gain the necessary permissions to infect anything other than the /home folder. Also, any virus would be only able to infect a small subset of distros - .rpms wouldn't work well on Debian, for example. We also don't have the "double click" mentality where users open anything that looks good. There are more reasons, but they are enough to be getting on with, I think.

Berticus 08-21-2008 06:13 PM

In addition to XavierP, nix-based OSes do permissions correctly.

r3sistance 08-21-2008 06:46 PM

Quote:

Originally Posted by indiantechnocrat (Post 3255336)
then let me know whether there is any particular type of virus intended for Linux...

Rootkit! Not a virus but a vulnerability that is often aimed at Linux way more than Windows or Mac OS X; generally it's more aimed at web servers with the intention of taking over the root account of the machine. Once rootkitted, there is currently no sure-fire way to remove the effects of the rootkit from the infected machine; only reinstalling the entire OS is a sure-fire way to remove the rootkit. There are projects still working on ways to remove the full effect of rootkits.

The reason viruses are aimed at Windows is because Windows, security-wise, is weaker than Mac OS X or Linux. Linux also has so many different distros that writing a virus for one would possibly not affect another... however, just/only relying on security by obscurity is not a great idea, and so just doing a few security tweaks and ensuring things like there being no open ports in the software firewall is a good idea. Also, not abusing root is good.

However, looking at Windows viruses, about 90% only work because people do things like browse the internet with or as administrator. In Vista, Microsoft have tried to address this with the UPA? I can't remember, but it effectively means any access to administrative commands requires a prompt to the user. Unfortunately most people don't know when to hit accept or cancel so it doesn't help that much. The biggest problem is that MS tries to be so user-friendly that it makes it more virus-friendly... Personally I find Macs more usable and more secure than Linux, but I'd use Linux for a webserver...

Berticus 08-21-2008 09:04 PM

Quote:

Originally Posted by r3sistance
Personally I find Macs more usable and more secure than Linux, but I'd use Linux for a webserver...

Eh... Mac also makes things a little too user friendly. Remember, in the PWN to Own contest, Macs were the first ones to be cracked. Just one instance though... A friend of mine who is new to Linux, but has been using Macs for a while, said from his experience Macs aren't as secure as Linux.

r3sistance 08-21-2008 09:32 PM

Meh, Linux has better online security than Windows but I wouldn't really say there's much difference between Mac OS X and Linux with online security. The reason most Linux boxes stay more secure is Linux forces you to do a lot of things the proper way; however, if you do things the proper way on a Mac you'll get even less than Linux, if you do things the improper way though you'll get more. Even with Linux there are some things people do in improper ways, I mean how many people allow things in /tmp to be executed? Shocking how many rootkits focus on trying to get scripts into /tmp and then get them to execute... seen it happen, though I myself flag /tmp as noexec.

No OS is immune to viruses; you're unlikely to see them with Macs or Linux, but Macs still don't teach you how to do everything correctly; Linux kinda does, for the most part. Windows teaches you all the WRONG things on the other hand, but you can implement all the right things on Windows and it'll actually not pick up many viruses at all.

No need to really go into physical security as you generally wouldn't invite a hacker into your house and say hey, hack my computer... however it is one place where Linux still has many weaknesses. I generally wouldn't implement it on, say, a work network because with physical security it would be easier to have Windows, though with physical access any OS can be bypassed. I just don't like the idea of a single go in single user mode being all it takes, kinda stuff... or getting a Knoppix CD in the machine to edit important stuff.
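
Added example (not part of r3sistance's post above): a shell check for the /tmp noexec setting that post mentions. It reads mount entries in /proc/mounts format and reports which of noexec, nosuid and nodev are missing on the filesystem that actually holds a directory, including the case where /tmp is not a separate mount. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /var/tmp ext4 rw,relatime 0 0'

# covering_mount PATH: read mount entries on stdin and print "mountpoint options"
# for the filesystem holding PATH (longest matching mount point; on a tie the
# later entry wins, which is the one mounted on top).
covering_mount() {
    awk -v p="$1" '
        {
            mp = $2
            # mp covers p if it is p itself, the root, or a parent directory of p
            if (mp == p || mp == "/" || index(p, mp "/") == 1)
                if (length(mp) >= length(best)) { best = mp; opts = $4 }
        }
        END { if (best != "") print best, opts }'
}

# missing_flags PATH: print the hardening options absent for PATH (stdin as above).
# Returns 0 when none are missing, 1 when some are, 2 when no mount entry matched.
missing_flags() {
    opts=$(covering_mount "$1" | awk '{ print $2 }')
    [ -n "$opts" ] || { echo "unknown"; return 2; }
    missing=""
    for flag in noexec nosuid nodev; do
        case ",$opts," in
            *",$flag,"*) ;;                                  # option present
            *) missing="${missing:+$missing }$flag" ;;       # option absent
        esac
    done
    echo "$missing"
    [ -z "$missing" ]
}

# Report on the world-writable directories in the constructed sample.
for dir in /tmp /var/tmp /dev/shm; do
    if gaps=$(printf '%s\n' "$SAMPLE_MOUNTS" | missing_flags "$dir"); then
        echo "$dir: ok"
    else
        echo "$dir: missing $gaps"
    fi
done
```

To check a live system, feed it the kernel's table: `missing_flags /tmp < /proc/mounts`. noexec only blocks running files directly from that filesystem; a script passed to an interpreter as an argument still runs, so it is one layer among several.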

rocket357 08-21-2008 09:49 PM

A big portion of the issue with Windows and security is how processes are handled...

In Unix, a process's memory space is properly "firewalled" from other processes. If one goes haywire (i.e. gets exploited), it can't overwrite space reserved for another process.

In Windows (9x series), processes were a free-for-all. Pretty much any process could write anywhere, administrator or not.

In Windows NT, processes were restricted with one exception: administrator processes were not firewalled from each other. One gets exploited, the others are fair game.

AFAIK, XP SP2 fixed this and anything since is properly "firewalled".

This is my understanding of the situation (well, this and the fact that Windows is a much bigger userbase so viruses would have more impact...though that doesn't hold much water because servers all over the internet have historically been overwhelmingly Unix).

John VV 08-21-2008 09:50 PM

then on top of everything most Linux distros use the SELinux kernel
http://www.nsa.gov/selinux/
and that will stop most things if it is set to Enforcing and NOT permissive

rocket357 08-21-2008 09:55 PM

Quote:

Originally Posted by John VV (Post 3255527)
then on top of everything most Linux distros use the SELinux kernel
http://www.nsa.gov/selinux/
and that will stop most things if it is set to Enforcing and NOT permissive

SELinux is an ACL-based security measure (corrections more than welcome if someone knows that's incorrect)...and ACL-based typically means *containment*, not *prevention*. It won't stop an attack, but it'll attempt to contain it if one does occur...similar in function to RSBAC's kernel modifications.

For preventative measures, you'd need to look into PaX, iptables, and the like.

pinniped 08-21-2008 10:15 PM

One of the things with *NIX is that YOU determine what services run and what don't. On WinDuhs, dozens of services automatically run (in fact WinDuhs wouldn't run without them) - all those numerous services seem to be configured by default to listen to external traffic and thus give crackers many opportunities to compromise the system. On Linux you can turn off all unnecessary services and the necessary ones can be configured to only listen to the LOCAL traffic or specific external machines, etc etc. You can also usually employ other tricks to limit damage done even if a service (like Apache) is compromised.

As for programming - all the tools are free on Linux and since most were developed on *NIX, they just work. The numerous ports to WinDuhs plus their many workarounds for various defects in WinDuhs (such as the fact that MS still haven't learned how to represent time correctly) means that you often scream, tear out your hair, and bang your head on the desk (or a wall) when working with the WinDuhs ports.

John VV 08-22-2008 01:47 AM

Windows ports, tell me about it. I spent 4-5 years using MinGW and Cygwin before installing Fedora 4, then 5, 6, 7, 8. I still have MinGW on XP; I like using bash and not cmd.exe. Also I found that 90% of the code I was compiling was on gcc 3.2 (MinGW) and only 10% in MS Visual Studio.

salasi 08-22-2008 04:00 AM

Quote:

Originally Posted by indiantechnocrat (Post 3255336)
I also want to know, as a computer engineering student, how Linux can be more productive for me than Windows.

As a computer eng student, you should understand that there is a different 'philosophy' underlying nix-like systems from Windows ones. In short, because of things being configured with human-readable config files, you can get control of a lot of stuff that in Windows you only get if BigCorp decides that you should (or you can take a risk with LittleCorp, who may be good or may be a way of getting malware onto your system).

And in any case, the proprietary supplier of such systems may be hiding some of the critical info on their system for competitive reasons (so that, eg, MS can write better apps than say IBM), so maybe neither BigCorp nor LittleCorp have the best chance of writing software for the system.

Quote:

Whatever I do on Linux I can do on Windows, for example programming in C, Java and Python, so in which way will it be different in this regard?

Well, it is true that you can run various languages on Windows systems. But, with Windows, for convenience and productivity, you'll probably be forced along the lines of Visual-something-or-another, which is only available from MS. Also the stuff with the registry makes writing your own program more difficult. If you have the Unix toolset, with all the stuff like sed/awk etc as well as the languages like Python, you will find that you can do lots in a simpler way just by pushing through text files from one tool to another.

So if you adopt the *nix mindset, it can be that you attempt something conceptually easier to achieve the same effect.

Also, in general, *nix apps/applets are normally scriptable (there are exceptions, but many are scriptable) and that means that while you can do the thing on both platforms, with experience it is easier to gain productivity on the *nix platform.

jax8 08-22-2008 08:06 AM

Microsoft has a bigger market share - therefore - if you want to write a virus, you want to infect as many computers as possible. Writing viruses for Linux is a bit boring because you only infect a minority of computer nerds that are probably excited by the challenge of fixing the hole in their system......boring! Infecting Windows machines can result in worldwide chaos and news bulletins.

rocket357 08-22-2008 08:46 AM

Quote:

Originally Posted by jax8 (Post 3255944)
Microsoft has a bigger market share - therefore - if you want to write a virus, you want to infect as many computers as possible. Writing viruses for Linux is a bit boring because you only infect a minority of computer nerds that are probably excited by the challenge of fixing the hole in their system......boring! Infecting Windows machines can result in worldwide chaos and news bulletins.

I have a problem with this argument... If simple market share was the true drive for writing virii, then why is it that Unix servers all over the internet (since long before Windows came along) haven't had to run antivirus? Why haven't we seen more breakouts like the Morris Worm? Why is it that rootkits are prevalent on Unix but viruses are not?

Simple market share doesn't answer these questions...there's more to it than that.


All times are GMT -5.