LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 03-04-2002, 12:53 AM   #1
Aussie
Senior Member
 
Registered: Sep 2001
Location: Brisvegas, Antipodes
Distribution: Slackware
Posts: 4,590

Rep: Reputation: 56
Linux virus protection......wtf?


A friend of mine has just pointed me to this link, it's a free beta of a virus scanner for linux. Am I just a cynic or is this just the first stage of a plan to scam money from clueless newbies?
 
Old 03-04-2002, 01:13 AM   #2
goneaway
Member
 
Registered: Jan 2002
Location: Denver, Colorado, United States
Distribution: Gentoo, Debian, Rubyx
Posts: 78

Rep: Reputation: 15
Angry A scam methinks...

I love how they also offer a fee based virus alert mailing list. For only x dollars (or Euro) they'll send you a lovingly crafted email (very expensive to duplicate, I've heard) letting you know about whatever Linux viruses Microsoft is writing.

The funny part is that there at least a couple of virus projects active at Sourceforge.net.
 
Old 03-04-2002, 02:25 AM   #3
Aussie
Senior Member
 
Registered: Sep 2001
Location: Brisvegas, Antipodes
Distribution: Slackware
Posts: 4,590

Original Poster
Rep: Reputation: 56
AFAIK the source forge projects are for mail servers, which is a legit linux use of a virus scanner, checking the attachments as the mail passes through so the windoze clients don't get infected.
 
Old 03-04-2002, 09:24 AM   #4
CragStar
Senior Member
 
Registered: Oct 2000
Location: UK - Frome
Distribution: Ubuntu
Posts: 1,081

Rep: Reputation: 47
Virus protection in Linux is a very quickly browsed over topic.

I can see both sides for wanting to release a Virus scanner for Linux.

One:- They obviously do want to start up in a market with no competition - make money.

Two:- For Linux users this could be a good thing. If ppl using Linux get into good security habits (unlike early M$ users) there may never be something like the I LOVE YOU virus for Linux (not in terms of destruction. as a type of virus I shouldn't think so at all), because ppl will be more aware if the possible dangers. It is possible to create virus' for Linux, although there have been hardly any released due to mainly (I feel) the protection of the community. Virus writers already have one huge (vulnerable!) target to aim for. Also, M$ virus' spread further and have a bigger effect.

So is a Linux Virus scanner going to be any good. Well, the only thing that a scanner can do is remove any virus' it knows about - and seeing as there are only a handful for Linux I don't really se much point in using it.

What would be better is for newbies to take precutions, such as limiting the access of normal users to important folders/directories - only use root for essential system work - set correct file permissions.

Like using any OS - be vigilent!
 
Old 03-04-2002, 09:44 AM   #5
Stephanie
LQ Addict
 
Registered: May 2001
Location: Arizona
Distribution: 9.2 Mandy 1.4 Gentoo 5.1 FreeBSD WinXP
Posts: 1,166

Rep: Reputation: 45
Cragstar wrote:
Quote:
Virus protection in Linux is a very quickly browsed over topic.
This is a very true statement. Many friends i know are under the misconception that Linux is immune to viruses, and that is simply not true.

Now it is much more resilient against attacks then MicroSoft products, due to its use of permissions and the fact so many millions of people correct holes in the kernel source sode, but it is still possible to make viruses that hurt a Linux system.

I think once Linux really hits the big time, more viruses will show up. It is simply not a popular target yet.
 
Old 03-05-2002, 08:40 AM   #6
CragStar
Senior Member
 
Registered: Oct 2000
Location: UK - Frome
Distribution: Ubuntu
Posts: 1,081

Rep: Reputation: 47
I know what you mean - before I knew Linux that well I used to make statements to my windows loving friend that "Linux was immune for viruses!".

I've kinda toned that down a bit now.

Does anyone know of any linux viruses about - with any links to info or something?
 
Old 03-05-2002, 11:33 AM   #7
Stephanie
LQ Addict
 
Registered: May 2001
Location: Arizona
Distribution: 9.2 Mandy 1.4 Gentoo 5.1 FreeBSD WinXP
Posts: 1,166

Rep: Reputation: 45
Cragstar wrote:
Quote:
Does anyone know of any linux viruses about - with any links to info or something
A good site to start would be Linux Security Website . They have lots of good info on any discovered holes and breaches, as well as offer news on virus attacks and related material.
 
Old 03-05-2002, 01:12 PM   #8
CragStar
Senior Member
 
Registered: Oct 2000
Location: UK - Frome
Distribution: Ubuntu
Posts: 1,081

Rep: Reputation: 47
Cheers - excellent link.
 
Old 03-05-2002, 01:46 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
If I may include worms and other malware into the virus definition, here's Mcafee's uvscan vs RAV on some tarballs:

AVS:
xxx.tar/ifconfig Found the Linux/Rootkit-A trojan !!!
xxx.tar/linsniffer Found the Linux/Rootkit-C trojan !!!
xxx.tar/netstat Found the Linux/Rootkit-C trojan !!!
xxx.tar/ps Found the Linux/Rootkit-C trojan !!!
xxx.tar/sense Found the Linux/Rootkit-C trojan !!!
xxx.tar/sl2 Found the DDoS-Blitz trojan !!!
rootkit/xxxx.tgz/xxxx/xxxx.tgz/bin/sz Found virus or variant Linux/Lion.worm !!!
rootkit/xxxx.tgz/xxxx/xxxx.tgz/tools/mirkforce Found trojan or variant Linux/Mirkforce !!!

RAV:
xxx.tar.gz->xxx.tar->xxxx/ifconfig Infected_with:_Trojan/Linux.RootKit.40_(exact)
xxx.tar.gz->xxx.tar->xxxx/sl2 Infected_with:_Trojan/Blitz_(exact)

No viruses, definately different results, but anyway a way to know if there's something malicious around without having to do "strings" on everything.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Does Linux Require Virus Protection? phantom87s Linux - General 7 12-13-2008 10:31 AM
Virus protection for Linux vital_101 Linux - Security 2 09-22-2005 05:59 AM
BEST firewall and virus protection for Linux sschreiner72 Linux - Software 8 02-01-2004 12:43 PM
is there any anti-virus protection tools for Linux gexiaofei Linux - Software 4 07-26-2003 07:33 AM
need virus protection FLuff_Suit Linux - General 5 05-06-2002 01:08 AM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 10:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration