I know that there are many threads having to do with Linux & viruses, but that's not my question (which I did google). Do you know of any instant messaging viruses/worms for Linux? Also, do the viruses that target a program aim affect other programs like gaim?

If you have any information about linux & instant messaging worms or just a link to look at, I'd really appreciate it.

There are worms and there are viruses, and there may be malware that use both techniques.

A virus infects files whereas a worm spreads itself in a network exploiting program vulnerabilities. These may be in the graphics libraries, compression, etc.

1-Never use the root account when its privileges aren't really needed and your system may be safe.

2- Install a tripwire-like program (search "file integrity checking").

Unix malware will never use virus techniques because they're ineffective. They could install a backdoor that listens at a port via shellcode in a corrupted image file (hypothetical). This leads us to:

3- Install a firewall that lets you browse the net but blocks everything incoming

4- Keep your system updated so the vulnerabilities won't be used again.

5- Be careful downloading software. Tried and tested versions are better. You never know if someone implanted a troyan in something you downloaded from a legitimate site.

6- Browse the logs. Familiarize yourself with what it's more important.

I'm missing many things here. There are checklists out there

Thanks. Actually I was just wondering if anyone knows of any specific Instant Messenger viruses/worms/trojans that target linux (doesn't matter how ineffective or local they happen to be).

I don't know of any, but I both distrust and dislike IM as a matter of course and have it blocked both incoming and outgoing at the firewall level.

The trouble with IM is that, here you have this program always-running on a user account that is instantly ready to receive and to respond to a message .. containing what? .. from .. who? where? ... really? how do we know? It will inevitably be an interruption; it could well be an advertisement; the true source of the message is not subject to authentication; an absent-minded response to it could be quite harmful. And so they are blocked, and I'd do the same.

(adding to primo.)

5a. Check the hashes.
5b. Check the PGP sigs of the hashes.

Sorry, this is good stuff, but I'm afraid it's not really answering your orig. Q.

that's alright. thanks anyway.

You could look at past Gaim security notices. Off hand I don't think they have had any virus problems, but there have been the odd remote crash or the like. Just keep whichever IM program you are using up to date, and you'll be 99% safe.

that's a good idea - thanks

Just to chime in I've never heard of any virus that targets a Linux IM client. Linux viruses are rare and those that actually spread in any significant numbers are almost unheard of so you're pretty safe. Most IM apps like GAIM and Kopete do have fairly regular security fixes, if you use the update mechanism that came with your distro you should be protected from these fairly quickly.