Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
The true real world reason is primarily the same effect as biodiversity for disease resistance in biology:
There are a lot more Windows systems than Linux systems and the security holes tend to be more similar between two Windows systems than between two Linux systems.
So creating a virus for Linux is more effort for less impact than creating one for Windows, so more virus writers focus on Windows.
For the few Linux viruses that are written, there is a lower population of susceptible hosts, so they spread slower.
Multiply fewer original viruses by slower spread and you get far fewer infections.
why people say virus cannot make damages linux.
That isn't really true.
A Linux system or a Windows system can be set up to be much more secure than the typical install by a home user. Linux has some fundamental (as opposed to biodiversity) reasons it may be more secure, so it may be easier for a non expert to make a Linux system relatively secure and easier for an expert to make a Linux system absolutely secure than would be possible in Windows. I don't have the expertise to say much more about that.
But the typical home user doesn't do any of that. So a virus targeting exactly the security mistakes you make on your Linux system could easily trash your Linux system. You are protected by the fact that it isn't worth someone's effort to write that virus. (And if someone did, it still would have very little chance of finding your computer).
Also, the many Linux systems operated by people who are expert and careful about security provide even further protection for those of us who aren't as careful, because they make it even harder for Linux viruses to spread.
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
2 other things, first of all, any program run by a user is granted the same priveleges as the user running it, in windows, the user is all but encouraged to run everyday tasks such as web browsing/im chatting using an account with an account that has admin priveleges, therefore even a small bug in the routine that draws the mouse cursor in windows can potentially be exploited to gain full access to your machine, whereas in linux it is designed from the ground up to have one and ONLY one user with full admin priveleges, thus unless a user has 'sudo' priveleges all their processes run with limited permissions and even then they have to explicitly tell linux to run something as root using sudo
therefore in windows a virus gets in, it can infect the whole OS, whereas in linux, unless you run as root on a regular basis, if a virus gets in it only has priveleges to infect that user's files but can't touch the core OS
second, windows makes things easier by 'dummying them down' by allowing executables to be downloaded and run without asking your permission, thus making it possible for virus/spyware writers to attack your system and install their malware without you even knowing it because of all the flashy 'user friendliness' of windows making for an attack vector
Any system that can be hacked can be infiltrated with virus. Linux is not an exception. "If it bleeds, we can kill it." says Schwarzeneger in Predator. That's a good lesson that humbles us.
Only that, because of sound engineering and implementation Linux has developed a very strong immune system to resist common viruses that plagued other operating systems.
Granted that virus has entered a GNU/Linux file system, what would it do there? It has no right to execute whatever demonic or malicious intention it has: its like a robber with a dagger but lost his both arms, or a sniper without an ammo?
Another reason is that, in GNU/Linux community nothing can much entice "commercialists and profit hungry people" as to encourage them write viruses or hire clever heads for that in order to earn money, if they sell antivirus software after creating one their competitors (this community) will give you "free!" so they don't invest that naughty craft in this side of the world. As you know viruses are not wrought from dullards, they are created by real heads and to hire one for that is expensive.
The technical side has more explanations to your question. Just wait for the senior members, when they're awake they tell you more.
and why people say virus cannot make damages linux. Thank you in advance.
It's false. They would have a harder time though.
Originally Posted by reavean
I am a newbie here and I have interests in operatin systems and its concepts.I jus want to know why linux is more secure
There are thousands of reasons, I'd highlight these:
obscurity, there are lots of linux distros that works differently, different architectures, different kernel versions that will render any rootkit for another version useless.
separation of privileges out of the box, in windows you are always root, so any buggy activex script in a harmful website has FULL ACCESS to every single byte on your system, this can be alleviated if the user has the knowledge to do that, which is not the case 99.99999% of the times. In linux, at most, any malicious code that runs under your user account can only damage those files that are writable by you.
the windows firewall can't compare in flexibility and power to iptables, not at all
vulnerabilities are reviewed by thousands, instead of a couple of ms technicians, and they are fixed quick, you can even fix them yourself, which is impossible in a closed source system
linux is much more strict in what a program can and can't do than windows, a buggy program should never be able to crash your whole system unless the problem resides in the kernel or a driver module
At the end of the day, a system is as secure as knowledgeable its administrator is. So, while linux becomes more famous and more non-techie users come to linux more linux based malware will eventually arise.
I want to expand on one detail of something others have said.
Originally Posted by frieza
in windows, the user is all but encouraged to run everyday tasks such as web browsing/im chatting using an account with an account that has admin priveleges,
Originally Posted by i92guboj
in windows you are always root
In Linux, if an ordinary application only works for root, that application is considered broken. Distributions won't include it and most people won't figure out how to use it. People understand the need for sudo for operations that have an obvious need for it, but won't accept the need for sudo when it is there just because the programmer was sloppy.
In Windows, if an ordinary application only works for members of the "administrators" group (equivalent to Linux root), that is pretty common and anyone who wants to use that application will make their primary login a member of the computer's administrators group.
I will try not to repeat what others already said. I would say:
Everything is in the concept.
Windows has been desinged to be easy, so that a person without any computer knowledge would be able to do everything. So if you receive an email from a friend and it has a progam attached and it's an .exe file, all you do is click and... the program runs.
That's because the Windows concept allows that kind of action. And now Microsoft is trying to fix this concept by asking the user "Are you really so stupid to run this program that can damage your computer?"
Look at what this has lead us to, Try and click on something in a mail client and run something? If you get 50 emails with pictures you have to click on a button with each email to allow the images to be displayed in order to read those 50 emails. Ridiculous!
If it wasn't for the Windows system, we wouldn't probably have this today.
On Linux the concept is different. When you install the system you then are asked to create user accounts. So only then you can login and work with the system. On Windows you also can work as a regular user, but no one bothers to play with creating user accounts after the installation. Remeber, things must be easy?
If you can browse the internet as the Admin, why not?
On Linux in order to execute/run that progam you got in the attachment you would have to save it on your hard drive. Then you would have to do certain manual actions to make the program run, when you save the file it does not automatically get the permissions to be executed.
When you save a file, it usually gets the permissions:
So you need to change it to at least rwxr--r-- in order to be able to run it.
So for a simple person without any knowledge how a computer works it takes more than just a click to kill someones computer. And even if you get to the point when you can run the program, it can mainly damage what's in your personal folders, not the whole system! You may loose your documents, pictures, music, but your system will continue to do the job. THe program you will run may steal your personal information though, but still not damage the system. At least not so easily.
Of course if you have something like Java that allows you to run a progam in a browser, this only proves the concept is wrong again.
To me the whole concept of running progams in a web broswer is completely ridiculous, this is why we have web pages damaging computers. But what can we do now, probably nothing, the world moves on...
And think of protecting your c:\windows\system32 folder by setting the permissions as READ ONLY. You will not be able to update your system 3 times a day. As with Linuxes the concept is different, you can stay logged in as a regular use and run admin progams as root, but only when you allow them to and you know what you are doing.
On WIndows at work I am logged in as a domain user, which proves the UNIX concept. On Windows you can run admin progams and utilities with the "run as".
But I don't think people at home have Windows domains to control their computers.
“Computers have enabled people to make more
mistakes faster than almost any invention in history,
with the possible exception of tequila and hand guns”
Last edited by rysiekmus2; 03-13-2009 at 08:19 PM.