LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-26-2003, 11:37 PM   #1
isolationist
Member
 
Registered: Feb 2003
Location: Australia
Distribution: Slackware 7.1
Posts: 45

Rep: Reputation: 15
Linux Viruses?


Is there any worry about Linux viruses?

Or does Linux have the respect of virus programmers.
 
Old 02-26-2003, 11:46 PM   #2
cuckoopint
Member
 
Registered: Feb 2003
Distribution: Debian
Posts: 797

Rep: Reputation: 30
short answer:

one does not have to worry about viruses too much in linux - because of the *nix file structure, permissions, way of doing things, etc. it is very HARD to write linux viruses (vs. not impossible) and they can't do much unless they have root access - anither reason why you don't do normal day operations as root. More worries about worms - basically eliminated by downloading from trusted sources. So, for most setups, it should be enough security to have a good firewall running and common sense. : )
 
Old 02-27-2003, 03:54 AM   #3
wr3ck3d
Member
 
Registered: Dec 2002
Location: IL
Distribution: NetBSD, Slackware, Gentoo, Debian, FreeBSD
Posts: 444

Rep: Reputation: 31
one time i scanned my windows partition and it found a virus called unix.penguin..when i looked it up it said it sends the password file in /etc to wherever its programmed to.
 
Old 02-27-2003, 04:11 AM   #4
nakkaya
Guru
 
Registered: Jan 2003
Location: Turkey&USA
Distribution: Emacs and linux is its device driver(Slackware,redhat)
Posts: 1,398

Rep: Reputation: 45
windows can see linux partions by default so how can it send it?(not juding you kust asking)
 
Old 02-27-2003, 04:43 AM   #5
kater
Member
 
Registered: Feb 2003
Location: Switzerland, Berne
Distribution: Slackware 9.0
Posts: 186

Rep: Reputation: 30
Windows can't handle any of the Linux filesystems, so how could Windows see a partition of Linux?
 
Old 02-27-2003, 07:17 AM   #6
wapcaplet
Guru
 
Registered: Feb 2003
Location: Colorado Springs, CO
Distribution: Gentoo
Posts: 2,018

Rep: Reputation: 48
Quote:
Originally posted by wr3ck3d
one time i scanned my windows partition and it found a virus called unix.penguin..when i looked it up it said it sends the password file in /etc to wherever its programmed to.
So? The password file just contains a bunch of DES hashes. Won't do a cracker much good unless they have as much computing power as the NSA to brute-force them... Unless you use shadow passwords, in which case it doesn't even contain that. The most exciting knowledge that can be gained from the passwd file is username, uid, gid, home directory, and shell.

Last edited by wapcaplet; 02-27-2003 at 07:24 AM.
 
Old 02-27-2003, 12:59 PM   #7
wr3ck3d
Member
 
Registered: Dec 2002
Location: IL
Distribution: NetBSD, Slackware, Gentoo, Debian, FreeBSD
Posts: 444

Rep: Reputation: 31
no, i was in windows and scanned my windows partition....was just mentioning that i did come across a linux virus.
 
Old 02-27-2003, 01:24 PM   #8
Proud
Senior Member
 
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794

Rep: Reputation: 116Reputation: 116
But you didnt, so anyway...

Don't run suspicious shell scripts

Last edited by Proud; 02-27-2003 at 01:27 PM.
 
Old 02-27-2003, 01:35 PM   #9
wr3ck3d
Member
 
Registered: Dec 2002
Location: IL
Distribution: NetBSD, Slackware, Gentoo, Debian, FreeBSD
Posts: 444

Rep: Reputation: 31
dont understand...what didn't i??
 
Old 02-27-2003, 01:40 PM   #10
Proud
Senior Member
 
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794

Rep: Reputation: 116Reputation: 116
It's not a virus, look up the definition, that's just some stupid malicious code.
 
Old 02-28-2003, 12:23 AM   #11
isolationist
Member
 
Registered: Feb 2003
Location: Australia
Distribution: Slackware 7.1
Posts: 45

Original Poster
Rep: Reputation: 15
couldn't all viruses be classified as 'stupid malicious code'?
 
Old 03-02-2003, 07:19 AM   #12
Proud
Senior Member
 
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794

Rep: Reputation: 116Reputation: 116
True, but I was going for the angle that a virus replicates itself, while malicious code doesnt have to by definition.
Quote:
What is a virus?
A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:
It must execute itself. It will often place its own code in the path of execution of another program.
It must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. Viruses can infect desktop computers and network servers alike.
 
Old 03-05-2003, 12:33 PM   #13
fenriswolf
Member
 
Registered: Jul 2001
Location: Boston
Distribution: Slack, SuSe, Debian
Posts: 30

Rep: Reputation: 15
virii dont necessarily spread themselves, and they dont necessarilly need to execute temselves. Those are all worm qualities...most viruses need the user to execute them...usually the user is tricked into exevuting.
 
Old 03-05-2003, 12:48 PM   #14
Proud
Senior Member
 
Registered: Dec 2002
Location: England
Distribution: Used to use Mandrake/Mandriva
Posts: 2,794

Rep: Reputation: 116Reputation: 116
In which case I'd refer you to the definition of a worm from the same link:
Quote:
What is a worm?
Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. PrettyPark.Worm is a particularly prevalent example.
You seem to be describing malicious code, for that code to techincally be a virus or worm it must furfill the definitions stated.
It's why a 'virus' or 'worm' got it's name in the first place, biological virii replicate themselves, etc.
 
Old 03-05-2003, 12:59 PM   #15
fenriswolf
Member
 
Registered: Jul 2001
Location: Boston
Distribution: Slack, SuSe, Debian
Posts: 30

Rep: Reputation: 15
Yes. but Virii fo not replicate without the permission of the user. In all virus cases, the user must run something, whether or not he knows it contains virus code, he still has to run it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
viruses in linux? chemdawg Linux - Newbie 7 01-28-2005 01:31 AM
Linux Viruses? LinuxPimp Linux - Security 9 10-26-2004 01:51 PM
Viruses, Worms and Linux programmershous Linux - General 2 03-15-2004 09:33 AM
linux and viruses im_ka Fedora 2 02-13-2004 06:12 PM
linux and viruses??? spyghost Linux - Software 11 09-21-2003 05:45 PM


All times are GMT -5. The time now is 04:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration