Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
one does not have to worry about viruses too much in linux - because of the *nix file structure, permissions, way of doing things, etc. it is very HARD to write linux viruses (vs. not impossible) and they can't do much unless they have root access - anither reason why you don't do normal day operations as root. More worries about worms - basically eliminated by downloading from trusted sources. So, for most setups, it should be enough security to have a good firewall running and common sense. : )
Originally posted by wr3ck3d one time i scanned my windows partition and it found a virus called unix.penguin..when i looked it up it said it sends the password file in /etc to wherever its programmed to.
So? The password file just contains a bunch of DES hashes. Won't do a cracker much good unless they have as much computing power as the NSA to brute-force them... Unless you use shadow passwords, in which case it doesn't even contain that. The most exciting knowledge that can be gained from the passwd file is username, uid, gid, home directory, and shell.
True, but I was going for the angle that a virus replicates itself, while malicious code doesnt have to by definition.
What is a virus?
A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:
It must execute itself. It will often place its own code in the path of execution of another program.
It must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. Viruses can infect desktop computers and network servers alike.
virii dont necessarily spread themselves, and they dont necessarilly need to execute temselves. Those are all worm qualities...most viruses need the user to execute them...usually the user is tricked into exevuting.
In which case I'd refer you to the definition of a worm from the same link:
What is a worm?
Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. PrettyPark.Worm is a particularly prevalent example.
You seem to be describing malicious code, for that code to techincally be a virus or worm it must furfill the definitions stated.
It's why a 'virus' or 'worm' got it's name in the first place, biological virii replicate themselves, etc.