LinuxQuestions.org
Old 08-21-2008, 04:25 PM   #1
indiantechnocrat
LQ Newbie
 
Registered: Dec 2007
Posts: 2

Rep: Reputation: 0
Why Linux doesn't get infected by viruses...

I'm a new user of Linux and want to know why it's not vulnerable to viruses, and if it is, then let me know whether there is any particular type of virus that is intended for Linux... I also want to know, as a computer engineering student, how Linux can be more productive for me than Windows. Whatever I do on Linux I can do in Windows, for example: programming in C, Java and Python... then in which way will it be different in this regard?
 
Old 08-21-2008, 04:30 PM   #2
trist007
Member
 
Registered: May 2008
Distribution: Slackware
Posts: 972

Rep: Reputation: 56
Linux is free, Windows is not. Therefore, black hatters make most of their viruses for Windows to get back at the "greedy" corporations. However, there are still viruses and rootkits out there that threaten Linux users.

As for why Linux is better, well it's just way more versatile. You can do a lot more things and even have the option to create your own software without having to deal with all that proprietary stuff. I don't totally understand all the terms, but that's what I'm feeling.

Last edited by trist007; 08-21-2008 at 04:32 PM.
 
Old 08-21-2008, 05:29 PM   #3
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Lubuntu
Posts: 19,174
Blog Entries: 4

Rep: Reputation: 428
This is a question which has been asked many times on the board. In short, Linux users do not tend to run as root/admin in their normal day to day roles. This means that any virus would not be able to gain the necessary permissions to infect anything other than the /home folder. Also, any virus would be only able to infect a small subset of distros - .rpms wouldn't work well on Debian, for example. We also don't have the "double click" mentality where users open anything that looks good. There are more reasons, but they are enough to be getting on with, I think.
 
Old 08-21-2008, 06:13 PM   #4
Berticus
Member
 
Registered: Jul 2005
Distribution: Arch
Posts: 159

Rep: Reputation: 31
In addition to XavierP, nix-based OS' do permissions correctly.
 
Old 08-21-2008, 06:46 PM   #5
r3sistance
Senior Member
 
Registered: Mar 2004
Location: UK
Distribution: CentOS 5.4, Mac OS 10.4 (tiger)
Posts: 1,005

Rep: Reputation: 79
Quote:
Originally Posted by indiantechnocrat View Post
then let me know that is there any particular type of viruses that are intended for linux...
Rootkit! Not a virus but a vulnerability that is often aimed at Linux way more than Windows or Mac OS X; generally it's more aimed at web servers with the intention of taking over the root account of the machine. Once rootkitted, there is currently no surefire way to remove the effects of the rootkit from the infected machine; only reinstalling the entire OS is a surefire way to remove the rootkit. There are projects still working on ways to remove the full effect of rootkits.

The reason viruses are aimed at Windows is because Windows security-wise is weaker than Mac OS X or Linux. Linux also has so many different distros that writing a virus for one would possibly not affect another... however just/only relying on security by obscurity is not a great idea, and so just doing a few security tweaks and ensuring things like there are no open ports in the software firewall is a good idea. Also not abusing root is also good.

However, looking at Windows viruses, about 90% only work because people do things like browse the internet with or as administrator. In Vista Microsoft have tried to address this with the UPA? I can't remember, but it effectively means any access to administrative commands requires a prompt to the user. Unfortunately most people don't know when to hit accept or cancel so it doesn't help that much; the biggest problem is that MS tries to be so user-friendly that it makes it more virus-friendly... Personally I find Macs more usable and more secure than Linux, but I'd use Linux for a webserver...

Last edited by r3sistance; 08-21-2008 at 06:49 PM.
 
Old 08-21-2008, 09:04 PM   #6
Berticus
Member
 
Registered: Jul 2005
Distribution: Arch
Posts: 159

Rep: Reputation: 31
Quote:
Originally Posted by r3sistance
Personally I find Macs more usable and more secure than Linux, but I'd use Linux for a webserver...
Eh... Mac also makes things a little too user friendly. Remember, in the PWN to Own contest, Macs were the first ones to be cracked. Just one instance though... A friend of mine who is new to Linux, but has been using Macs for a while, said from his experience Macs aren't as secure as Linux.
 
Old 08-21-2008, 09:32 PM   #7
r3sistance
Senior Member
 
Registered: Mar 2004
Location: UK
Distribution: CentOS 5.4, Mac OS 10.4 (tiger)
Posts: 1,005

Rep: Reputation: 79
Meh, Linux has better online security than Windows, but I wouldn't really say there's much difference between Mac OS X and Linux with online security. The reason most Linux boxes stay more secure is Linux forces you to do a lot of things the proper way; however, if you do things the proper way on a Mac you'll get even less than Linux, if you do things the improper way tho you'll get more. Even with Linux there are some things people do in improper ways, I mean how many people allow things in /tmp to be executed? Shocking how many rootkits focus on trying to get scripts into /tmp and then get them to execute... seen it happen, tho I myself flag /tmp as noexec.

No OS is immune to viruses; you're unlikely to see them with Macs or Linux, but Macs still don't teach you how to do everything correctly. Linux kinda does, for the most part. Windows teaches you all the WRONG things on the other hand, but you can implement all the right things on Windows and it'll actually not pick up many viruses at all.

No need to really go into physical security as you generally wouldn't invite a hacker into your house and say hey, hack my computer... however it is one place where Linux still has many weaknesses. I generally wouldn't implement it on say a work network because with physical security it would be easier to have Windows, tho with physical access any OS can be by-passed. I just don't like the idea of a single go in single user mode being all it takes kinda stuff... or getting a Knoppix CD in the machine to edit important stuff.

Last edited by r3sistance; 08-21-2008 at 09:34 PM.
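
Post #7 mentions flagging /tmp as noexec. The following is an added example, not written by any poster in this thread, that checks a /proc/mounts-format listing for the noexec, nosuid and nodev options on world-writable directories. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example. mount_missing_opts and sample_mounts are hypothetical names.
# Usage on a live host: mount_missing_opts /tmp < /proc/mounts

# Read a /proc/mounts-format listing on stdin and print which of
# noexec/nosuid/nodev are absent from MOUNTPOINT's entry, "ok" if none are,
# or "not-a-mount" if the directory has no entry of its own (it then
# inherits the options of the filesystem that contains it).
mount_missing_opts() {
    target=$1
    # Keep the last matching line: a later mount shadows an earlier one.
    opts=$(awk -v t="$target" '$2 == t { o = $4 } END { print o }')
    if [ -z "$opts" ]; then
        echo "not-a-mount"
        return 0
    fi
    missing=""
    for want in noexec nosuid nodev; do
        case ",$opts," in
            *",$want,"*) ;;                    # option present
            *) missing="$missing $want" ;;     # option absent
        esac
    done
    missing=${missing# }
    echo "${missing:-ok}"
}

# Constructed sample in /proc/mounts format (not taken from a real host).
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /tmp ext3 rw,nosuid,nodev,noexec 0 0
/dev/sda4 /var/tmp ext3 rw 0 0
EOF
}

# Report on the usual world-writable locations plus one unmounted directory.
for dir in /tmp /var/tmp /dev/shm /home; do
    printf '%s: %s\n' "$dir" "$(sample_mounts | mount_missing_opts "$dir")"
done
```

A "not-a-mount" result for /tmp means it lives on the root filesystem, so noexec cannot be applied to it alone until it gets its own mount.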
 
Old 08-21-2008, 09:49 PM   #8
rocket357
Member
 
Registered: Mar 2007
Location: 127.0.0.1
Distribution: OpenBSD-CURRENT
Posts: 476
Blog Entries: 107

Rep: Reputation: 74
A big portion of the issue with Windows and security is how processes are handled...

In Unix, a process's memory space is properly "firewalled" from other processes. If one goes haywire (i.e. gets exploited), it can't overwrite space reserved for another process.

In Windows (9x series), processes were a free-for-all. Pretty much any process could write anywhere, administrator or not.

In Windows NT, processes were restricted with one exception: administrator processes were not firewalled from each other. One gets exploited, the others are fair game.

AFAIK, XP SP2 fixed this and anything since is properly "firewalled".

This is my understanding of the situation (well, this and the fact that Windows is a much bigger userbase so viruses would have more impact...though that doesn't hold much water because servers all over the internet have historically been overwhelmingly Unix).
 
Old 08-21-2008, 09:50 PM   #9
John VV
Guru
 
Registered: Aug 2005
Posts: 12,602

Rep: Reputation: 1677
Then on top of everything most Linux distros use the SELinux kernel
http://www.nsa.gov/selinux/
and that will stop most things if it is set to Enforcing and NOT permissive
 
Old 08-21-2008, 09:55 PM   #10
rocket357
Member
 
Registered: Mar 2007
Location: 127.0.0.1
Distribution: OpenBSD-CURRENT
Posts: 476
Blog Entries: 107

Rep: Reputation: 74
Quote:
Originally Posted by John VV View Post
then on top of everything most Linux distros use the SELinux kernel
http://www.nsa.gov/selinux/
and that will stop most things if it is set to Enforcing and NOT permissive
SELinux is an ACL-based security measure (corrections more than welcome if someone knows that's incorrect)...and ACL-based typically means *containment*, not *prevention*. It won't stop an attack, but it'll attempt to contain it if one does occur...similar in function to RSBAC's kernel modifications.

For preventative measures, you'd need to look into PaX, iptables, and the like.
 
Old 08-21-2008, 10:15 PM   #11
pinniped
Senior Member
 
Registered: May 2008
Location: planet earth
Distribution: Debian
Posts: 1,732

Rep: Reputation: 50
One of the things with *NIX is that YOU determine what services run and what don't. On WinDuhs, dozens of services automatically run (in fact WinDuhs wouldn't run without them) - all those numerous services seem to be configured by default to listen to external traffic and thus give crackers many opportunities to compromise the system. On Linux you can turn off all unnecessary services and the necessary ones can be configured to only listen to the LOCAL traffic or specific external machines, etc etc. You can also usually employ other tricks to limit damage done even if a service (like Apache) is compromised.

As for programming - all the tools are free on Linux and since most were developed on *NIX, they just work. The numerous ports to WinDuhs plus their many workarounds for various defects in WinDuhs (such as the fact that MS still haven't learned how to represent time correctly) means that you often scream, tear out your hair, and bang your head on the desk (or a wall) when working with the WinDuhs ports.
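
Post #11 describes configuring services to listen only to local traffic. The following is an added example, not written by any poster in this thread, that reads a /proc/net/tcp listing and reports the listening sockets that are reachable from other machines. It assumes a little-endian host (such as x86) and IPv4 only; the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example. external_listeners and sample_proc_net_tcp are hypothetical
# names. Usage on a live host: external_listeners < /proc/net/tcp
# (IPv6 sockets are listed separately in /proc/net/tcp6 and are not covered.)

# Print "address:port" for every socket in state 0A (LISTEN) that is bound to
# something other than 127.0.0.0/8. A bind to 0.0.0.0 means all interfaces.
external_listeners() {
    awk '
    function hex(s,   i, n) {          # portable hex-to-decimal conversion
        s = toupper(s); n = 0
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789ABCDEF", substr(s, i, 1)) - 1
        return n
    }
    NR > 1 && $4 == "0A" {             # skip the header, keep LISTEN only
        split($2, a, ":")
        # The address is stored in host byte order: on a little-endian
        # machine the first octet is the LAST pair of hex digits.
        o1 = hex(substr(a[1], 7, 2)); o2 = hex(substr(a[1], 5, 2))
        o3 = hex(substr(a[1], 3, 2)); o4 = hex(substr(a[1], 1, 2))
        if (o1 == 127) next            # loopback only: local traffic
        printf "%d.%d.%d.%d:%d\n", o1, o2, o3, o4, hex(a[2])
    }'
}

# Constructed sample in /proc/net/tcp format (not taken from a real host):
# two loopback listeners, one on all interfaces, one on a LAN address, and
# one established connection that must be ignored.
sample_proc_net_tcp() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000    27        0 1001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003 1
   3: 0A00A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    48        0 1004 1
   4: 0A00A8C0:0016 6400A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1005 1
EOF
}

sample_proc_net_tcp | external_listeners
```

Each line of output is a service to either turn off, rebind to 127.0.0.1, or restrict with a firewall rule.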
 
Old 08-22-2008, 01:47 AM   #12
John VV
Guru
 
Registered: Aug 2005
Posts: 12,602

Rep: Reputation: 1677
Windows ports, tell me about it. I spent 4-5 years using MinGW and Cygwin before installing Fedora 4, then 5, 6, 7, 8. I still have MinGW on XP; I like using bash and not cmd.exe. Also I found that 90% of the code I was compiling was on gcc 3.2 (MinGW) and only 10% in MS Visual Studio.
 
Old 08-22-2008, 04:00 AM   #13
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,885

Rep: Reputation: 774
Quote:
Originally Posted by indiantechnocrat View Post
i also want to know as a computer engg student that how linux can be more productive for me than windows.
As a computer eng student, you should understand that there is a different 'philosophy' underlying nix-like systems from Windows ones. In short, because of things being configured with human-readable config files, you can get control of a lot of stuff that in Windows you only get if BigCorp decides that you should (or you can take a risk with LittleCorp, who may be good or may be a way of getting malware onto your system).

And in any case, the proprietary supplier of such systems may be hiding some of the critical info on their system for competitive reasons (so that, eg, MS can write better apps than say IBM), so maybe neither BigCorp nor LittleCorp have the best chance of writing software for the system.

Quote:
Whatever I do on Linux I can do in Windows, for example: programming in C, Java and Python... then in which way will it be different in this regard?
Well, it is true that you can run various languages on Windows systems. But, with Windows, for convenience and productivity, you'll probably be forced along the lines of Visual-something-or-another, which is only available from MS. Also the stuff with the registry makes writing your own program more difficult. If you have the Unix toolset, with all the stuff like sed/awk etc as well as the languages like Python, you will find that you can do lots in a simpler way just by pushing through text files from one tool to another.

So if you adopt the *nix mindset, it can be that you attempt something conceptually easier to achieve the same effect.

Also, in general, *nix apps/applets are normally scriptable (there are exceptions, but many are scriptable) and that means that while you can do the thing on both platforms, with experience it is easier to gain productivity on the *nix platform.
 
Old 08-22-2008, 08:06 AM   #14
jax8
Member
 
Registered: Feb 2004
Location: Australia
Distribution: Ubuntu, Fedora 10
Posts: 632

Rep: Reputation: 31
Microsoft has a bigger market share - therefore - if you want to write a virus, you want to infect as many computers as possible. Writing viruses for Linux is a bit boring because you only infect a minority of computer nerds that are probably excited by the challenge of fixing the hole in their system... boring! Infecting Windows machines can result in worldwide chaos and news bulletins.
 
Old 08-22-2008, 08:46 AM   #15
rocket357
Member
 
Registered: Mar 2007
Location: 127.0.0.1
Distribution: OpenBSD-CURRENT
Posts: 476
Blog Entries: 107

Rep: Reputation: 74
Quote:
Originally Posted by jax8 View Post
Microsoft has a bigger market share - therefore - if you want to write a virus, you want to infect as many computers as possible. Writing viruses for Linux is a bit boring because you only infect a minority of computer nerds that are probably excited by the challenge of fixing the hole in their system... boring! Infecting Windows machines can result in worldwide chaos and news bulletins.
I have a problem with this argument... If simple market share was the true drive for writing virii, then why is it that Unix servers all over the internet (since long before Windows came along) haven't had to run antivirus? Why haven't we seen more breakouts like the Morris Worm? Why is it that rootkits are prevalent on Unix but viruses are not?

Simple market share doesn't answer these questions...there's more to it than that.
 
  


All times are GMT -5. The time now is 03:31 AM.