Hi

I'm quite new with Linux, so please help me.
Are there any way a Windows virus can be running on Linux, or infect windows machines on a lan through Linux?
These days it's quite easy to have variuse exe dailers, or trojans downloaded on a windows machine if you enter the wrong url when uou're surfint the web. But if you're surfing from a Linux host, can this exe file infect windows machines on the same network?
Or are Linux machines considered "safe" from this kind of files?
At work we are setting up a Linux workstation for a consultant , but we're a bit uncertain if we need to install a virus scanner on the machine. This machine's only connection with the rest of the lan is that it will be located on the same subnet as our windows clients. There will not be any samba client or other integration with our Windows servers and workstations.

Please help

/Andy

Typically I would install a virus scanner because although the virus won't be active on linux, he could pass it to you through email, or if he dumps files on a public share drive, etc.

But if he downloads a windows virus, it won't run on linux and infect the other machines as if it was downloaded on windows. He would have to explicitly send it to someone and that person would then have to run it.

OK

So, in our case where the user has no access to Windows servers, no communication to other host on the internal network, only web access for websurfing, there are no treaths for our internal machines if he where to download either a virus through javascrips, or click on a link that would download any kind of dialer?
Since the software would simply NOT execute on Linux.

/A.

That's been my (somewhat limited) experience...

It sounds like even a Windows box wouldn't be a threat to the rest of your network with that setup. It would only be a threat to itself.

In this case, Linux applications are much less of a threat to themself than Windows apps are (it's still possible for application level exploits though, especially via web content--Firefox for instance, has had dozens of security flaws).

andy.s,
I think windows virus may run under wine(Some linux automatic run exe file with wine), cxoffice. Please be carefull for some virus under exe file. I personally saw how hacker combine virus into a exe file and escape from norton antivirus.
Regards,
Ks

OK, so that could be a risk.
But the machine we're setting up is a plain FC6 with no spesiall add-ons execpt NEssus and Nmap. I'll guess that Wine or cxoffice is NOT a part of this setup, so again, the machine should not pose a risk.
Correct?

/A.

Even with WINE the exe/virus would be restricted to the rights of the user account. In fact, all disk access would be resitriced to that user's /home dir even, as the entire emulated Windows "C" drive exists as a hidden dir there. So basically there's really nothing a compiled binary Windows virus could do. Interpreted cross-platform code (i.e. PHP, JavaScript) poses a much greater threat, IMVHO.

I think the practical answer is:
You probably don't need anti-virus, but you should be careful to enable the security features in the OS. Make sure it has a firewall configured, and make sure any unnecessary services are disabled. Any web browsing done from the machine should not be done as "root". Ideally the web browsing should go through your corporate proxy (if you have one) to ensure that it has the same restrictions applied as your normal users get.

By the way, I have to ask: If you're installing Nessus & NMAP on the machine (pen-testing tools), are you sure that the machine doesn't have any access to the rest of your network? What are they going to pen-test with no access? If they're going to test only your external network, then the machine should be patched into a switch at the perimeter of your network and at that point it's basically no different (from your prospective) than a computer in someone's house on DSL.